The Apache Software Foundation Blog

Friday March 02, 2018

The Apache News Round-up: week ending 2 March 2018

Well, hello March. Let's see what the Apache community has been up to:

"Success at Apache" –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - Contributing to Open Source even with a high-pressure job by Anthony Shaw https://s.apache.org/lM9O

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: learn how to get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield sensational performance at 99.90% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 550 Apache contributors changed 1,430,495 lines of code over 4,052 commits. Top 5 contributors, in order, are: Andi Huber, Jacky Li, Sean Busbey, Matteo Merli, and Tilman Hausherr.

Apache Fluo™ –a distributed processing system built on Apache Accumulo.
 - Apache Fluo 1.2.0 released http://fluo.apache.org/

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-EA%3DarmRcEHu5R3zZhyuTm%3DZTLKHNJa5wPrsCYd3AeNfA%40mail.gmail.com%3E
 - CVE-2017-15693 Apache Geode unsafe deserialization of application objects http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-HwkgJoAUiCKj1S43OfcaU%2B47ZQkw%2BwkNmm0%3DJSH_Y5TA%40mail.gmail.com%3E

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.4.14 released https://groovy.apache.org/

Apache Lucy™ –search engine library provides full-text search for dynamic programming languages.
 - Apache Lucy 0.6.2 and Clownfish 0.6.3 released http://lucy.apache.org/

Apache MXNet (incubating) –a deep learning framework designed for both efficiency and flexibility.
 - Apache MXNet (incubating) 1.1.0 released http://mxnet.incubator.apache.org/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 4.0.2 released http://openmeetings.apache.org
 - CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAJmbs8jpHcih%2BA0nzrUQV8gkF65tCVLrjqiq26vLarskarScmw%40mail.gmail.com%3E

Apache PDFBox™ –access to images encoded using the JBIG2 image compression standard.
 - Apache PDFBox JBIG2 ImageIO plugin 3.0.0 released http://pdfbox.apache.org/

Apache Qpid™ Dispatch –a router for the Advanced Message Queuing Protocol 1.0
 - Apache Qpid Dispatch 1.0.1 released http://qpid.apache.org/

Apache Subversion™ –universally recognized and adopted Open Source, centralized version control system.
 - Apache Subversion 1.10.0-rc1 released http://subversion.apache.org/

Did You Know?

 - Did you know that the following Apache projects are celebrating anniversaries this month? mod_perl (18 yrs); Struts (14 yrs); Jackrabbit (12 yrs); Phoenix (11 yrs); Archiva (10 yrs); Felix (11 yrs); Archiva (10 yrs); UIMA (8 yrs); Accumulo, Lucy, Sqoop (8 yrs); Bloodhound, CloudStack, cTAKES (5 yrs); Aurora, Polygene (4 yrs); and Sentry (2 yrs). Many happy returns! https://projects.apache.org/

 - Did you know that Apache CouchDB will be featured at the Women Who Code Boston meetup on 20 March? http://couchdb.apache.org/

 - Did you know that Apache CloudStack users may be impacted by the upcoming retirement of http://download.cloud.com ? http://cloudstack.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday February 26, 2018

Success at Apache: Contributing to Open Source even with a high-pressure job

by Anthony Shaw

I believe in the mission of the ASF for many reasons, but the first is the reason why I got into open-source software- free and open access to knowledge.

Back when I was age 12 (1998), I started to learn to program in dBase 4. dBase 4 and the compiler Clipper were not cheap, especially for a $5-a-week paper-round. The box with the software was unwanted by a local company and it came with the manuals. We didn't have the internet at home yet so I was left to go by the manual, and what I could find from second-hand stores and office cleanout sales. For the next decade, I learnt to case based on what I could find, borrow and scavange until in 2002 when I got a copy of Linux and assembled a couple of machines from unwanted parts from the village computer store.

This is where I discovered free and open-source software and really started to build on my coding skills.

My goals were to learn and to share what I'd learnt that others could get to where they needed to go faster. It also helped that software skills were well sought-after in Europe so it set off me in a career in IT.

20 years after I learnt to code, I've moved out of software-engineering and into Learning and Development at Dimension Data for a 29,000 person technology company that operates in 49 countries across the world. My current roles involves about 3-months a year of travel (15 countries typically), managing a department of over 30 people spread across 4 countries and 4 timezones and delivering on large and complex initiatives with high-degrees of change and short deadlines.

In 2016 I made a choice after getting promoted into my current role that I would continue to contribute to the open-source projects I'd worked on for years. But I set myself 3 rules;

1. I would not take away from time with my family
2. I would not interfere with my work commitments
3. I would look after my health

My open-source contributions

For the past 4 years I've made around 1,000-2,000 contributions annually. These have consisted of bug fixes, submissions, and to around 50 projects.

The largest contributions I've made have been to Apache Libcloud, a multi-cloud abstraction library written in Python. Initially this was driven by a work commitment to contribute an integration with the cloud API we'd designed, but I soon realised the power of the library. Going back to my original goal of free and open access to knowledge, I'd seen an alarming trend in the computing world. Proprietary APIs were driving what is known in the industry as "stickiness" or to be frank, lock-in.

Cloud lock-in means that anyone without access to a reliable network, money or willing to sign up to these contracts is being pushed out of advances in technology. I know developers that are students, in remote areas such as rural Australia, Asia and Africa, or those who simply have little money.

Apache Libcloud's design means that you can design applications which can be deployed to OSS platforms like Apache CloudStack and OpenStack.

After finishing the work driver around 100 hours developing a container abstraction layer for Apache Libcloud that meant that developers could write automation for OSS platforms like Kubernetes using the same API as you would with a public cloud provider.

This was all whilst managing family time, work commitment and my health.

These are my 3 tips for maintaining contributions with a high-pressure job:

1. Pick a project that you care about

This is the most important, something that just sparks your curiosity is good fun, but long term interest often dwindles. I've been victim of "ooh shiny thing" many times in the past, but as my career has taken off, I've had to develop the discipline to stop myself from writing my own scripting language, or building an automated sprinkler system from scratch. I stop and remind myself that I might have the time this second, but what about next week and next month? Stop and prioritise.

Prioritise projects that mean something to you.

The 2 OSS projects I commit the most to are Apache Libcloud and SaltStack. I believe in Apache Libcloud's mission of giving open-access to cloud platforms. My SaltStack contributions have been focused around cloud abstraction, networking API abstraction and other fixes and utilities that make it easier for developers and end-users.

The difference between picking something shiny and something you believe in is that long-term you commit more and you find it easier to jump in and help when you can. But how do you find the time?

2. Choosing your tasks wisely and making time

I get asked this question all the time, "how do you find the time". When I try and convince people to contribute to OSS the response is always about time.

Get rid of the things that don't add value

If you can afford to, hire help to give you back time in your week. Not only does open-source help with your skills and knowledge, but it increases your value to a potential employer. Hiring someone to blow the leaves, or help with the chores once a week doesn't need to cost a lot, but if you work out how much value you can get back from that time it often makes sense.

Another thing I've been strict about is binge-watching TV series and gaming. Playing 100-hours of the latest game might be fun, but I find developing more rewarding in the medium-to-long term. Find ways to unwind that don't consume so much time, like meditation, exercise, or reading.

But, if you do need to put your feet up and watch some TV for a few hours, don't feel guilty about it. 

Work smart, not hard

When I do sit down to contribute something, it'll have been carefully planned and thought through what I'm going to do, what I'm going to test and how I'm going to structure it. I try and complete tasks quickly, with foresight and a goal. Once I've completed this 1 module, with tests, I'll submit my contribution. Don't try and refactor the whole project over a weekend. Keep it simple.

But we all know sometimes the best plans go out the window. If you find yourself going down one of those rabbit holes, where you can't get something to compile or you can't debug one of those zombie bugs we love so much as developers.

Stop yourself.

You can easily sit until 3am banging your head against the wall trying to figure it out. This was my advice when I used to manage development teams. If you get stuck, take a break, ask for help and if that still doesn't work, move onto something else. 

Sometimes I pause working on a task if I can't figure it out. Pause for an hour, a week, or even a whole year. When you have one of those "aha" moments, you go back in and finish the job.

It saves time, it delivers better software and it's a good skill to have as a developer.

Find time

A contribution comes down to 3 things:

1. An idea
2. An understanding
3. A "change", like a fix, feature, test, code-review, documentation etc.

The ideas come to me through reading, listening to users or looking at bug submissions. I do this as and when I have a spare minute. This is normally on my lunch break, when I'm waiting for someone or something. 

The time for understanding I get by listening to podcasts and talking to people at conferences. I get a few hours a week in the car and I spend time doing some chores. During that time I always have headphones on to listen the newest Python podcast or OSS update.

The time to sit down and write, code, or test comes for me on the plane (where I'm writing this blog post!). Last year I did enough miles in the air to fly around the world 8 times, most of that time was spent coding, relaxing or sleeping. Aside from that, time spent in airport lounges, on the train or waiting for people I'll whip out my laptop. Any plane that has Wi-Fi I can push changes, else the minute we land I'll have a laptop open and running git push.

Weekend-time is off limits unless I'm travelling or I'm alone. That's rule 1 -- do not take away from time with the family.

3. Managing your workload and avoiding burnout

There are 2 components to this, managing your work commitment and managing your contributions. You need to do both to succeed. 

It's ok to stop and take a break. There is always a pull-request to merge, a bug to inspect, and an email from an end-user. If you need to take a break for a while, talk to the team, ask for help and be frank. We're all in the same boat, contribution is optional. 

So many times I see people contribution feeling like they have a complete obligation to test and fix bugs at 2am 
and then go to work at 8am. This is normally because they care about the project, they care about quality and they care about their reputation but sometimes you need to step back.

A strong project community will step up and help. If you know that work is going to be tough for the next few months, tell the team and set yourself a limit. Wind back for a bit until things calm down. 

Managing work commitments is tough, because there are often financial consequences (or at least a perception of them).

After 7 hours, you're not really adding value. I used to have a lounge-chair next to my desk and now I have a hammock as I work from home. After a few hours of solid concentration I'll happily go and sit down and do nothing for an hour. Your brain needs a break, sure you'll get the odd "working hard" jab from a passer by but I'm working smarter not harder. Once I'm refreshed I'll finish the next task about 30-40% quicker, to a better level of quality and insight. On the occasion I've done 12-14 hour work days, my brain is shutting down to conserve energy and your critical thinking is the first thing to switch off. Followed by logical thinking, this is where you make mistakes and deliver work that is less than a quality you'd normally expect.

I live close to the beach so my time out is going for a swim in the ocean or spending a bit of time with my family. As a manager I also see a responsibility to make it clear that it's encouraged to step back and recharge. Just in our chat-channel to say that I'll be offline for a couple of hours as I'm going to the beach mid-afternoon. I don't feel guilty about it and I hope they do the same.

Learn how to say no and don't feel guilty about it. When I coach people on this I ask, "who asked you to do this? Was no an option? What value is there in delivering this? What is consequence of not doing it? Who else could do it?"

Everyone wants to be helpful and indispensible, but your reliability is just as important to your reputation and what you deliver. 

Conclusion

Look after your health, be smart with your time and contribute for a cause.

Anthony Shaw is the Group Director of Innovation and Talent Development at Dimension Data, an NTT company. Anthony is an open-source advocate, member of the Apache Software Foundation and Python Software Foundation and active contributor to over 20 open-source projects including Apache Libcloud and SaltStack. At Dimension Data, Anthony is driving digital transformation for Dimension Data’s global clients across 50 countries and 30,000 employees. Key initiatives are software skills, automation, DevOps and Cloud. Anthony is based in Sydney, Australia and blogs about skills, software and automation to 170,000 readers annually.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) Scratch your own itch. https://s.apache.org/Apah 11) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 12) A Newbie's Narrative https://s.apache.org/A72H 13) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O

# # # 

Friday February 23, 2018

The Apache News Round-up: week ending 23 February 2018

We're closing out the month with the following activities from the Apache community:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - We are proud to be a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: learn how to get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield zippity performance at 99.97% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 406 Apache contributors changed 872,446 lines of code over 2,838 commits. Top 5 contributors, in order, are: Dewayne Richardson, Andi Huber, Dan Kirkwood, Daniel Sun, and Dan Haywood.

Apache Arrow™ –a cross-language development platform for in-memory data.
 - Apache Arrow JavaScript 0.3.0 released http://arrow.apache.org/

Apache Beam™ –a programming model, SDKs, and runners for defining and executing data processing pipelines.
 - Apache Beam 2.3.0 released https://beam.apache.org/

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-15696 Apache Geode configuration request authorization vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-GQLV_9Y56psCejkhA-B3jx4amnQP5AoVwURbzn%3DDCZOw%40mail.gmail.com%3E

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.5.0-beta-3 released https://groovy.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.4.20 released http://jackrabbit.apache.org/

Apache jclouds™ –an Open Source multi-cloud toolkit for the Java platform that gives you the freedom to create applications that are portable across clouds while giving you full control to use cloud-specific features.
 - Apache jclouds 2.1.0 released http://jclouds.apache.org/

Apache NetBeans (incubating) –a development environment, tooling platform and application framework.
 - Apache NetBeans (incubating) 9.0 Beta released http://netbeans.apache.org/

Apache Storm™ –a distributed, fault-tolerant, and high-performance realtime computation system that provides strong guarantees on the processing of data.
 - Apache Storm 1.0.6, 1.1.2, and 1.2.0 released http://storm.apache.org

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - CVE-2018-1304 Security constraints mapped to context root are ignored http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3C2a8f2292-2aee-d8fa-9ccc-d1f9b20d0eed%40apache.org%3E
 - CVE-2018-1305 Security constraint annotations applied too late http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3C8b41c43e-20cd-10d0-5e2e-e3947bd26a32%40apache.org%3E

Apache Wicket™ –an Open Source Java component oriented Web application framework that powers thousands of web applications and Web sites for governments, stores, universities, cities, banks, email providers, and more.
 - Apache Wicket 8.0.0-M9 released http://wicket.apache.org


Did You Know?

 - Did you know why companies sponsor ApacheCon? https://feathercast.apache.org/2016/05/09/why-did-you-sponsor-apachebigdata/

 - Did you know that German business management consultancy Ecomify uses Apache OFBiz? http://ofbiz.apache.org/

 - Did you know that Apache Zeppelin will be holding a get together at Strata 2018 in San Jose? http://zeppelin.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday February 16, 2018

The Apache News Round-up: week ending 16 February 2018

Happy Friday --let's review what the collective Apache community has been up to:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3
 - Next Board Meeting: 21 February. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield sensational performance at 99.95% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 547 Apache contributors changed 1,185,183 lines of code over 3,568 commits. Top 5 contributors, in order, are: Christopher Collins; Duo Zhang, Felix Schumacher, Andrea Cosentino, and Dan Haywood.

Apache CloudStack™ –Open Source enterprise Cloud orchestration platform.
 - The Apache Software Foundation Announces Apache® CloudStack® v4.11 https://s.apache.org/CloudStack411

Apache Commons™ Compress –defines an API for working with compression and archive formats.
 - Apache Commons Compress 1.16.1 released http://commons.apache.org/

Apache Curator™ –a Java/JVM client library for Apache ZooKeeper that includes a high-level API framework and utilities to make using Apache ZooKeeper much easier and more reliable.
 - Apache Curator 4.0.1 released http://curator.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.6.9 released http://jackrabbit.apache.org/

Apache JMeter™ –pure Java application for load and functional testing.
 - Apache JMeter 4.0 released http://jmeter.apache.org/
 - CVE-2018-1297: Apache JMeter uses an unsecure RMI connection in Distributed mode http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpaNzk5am8oFe07RQ-kynCsQv54yB-uYs9bEnz7tbX-O7g%40mail.gmail.com%3E
 - CVE-2018-1287: Apache JMeter binds RMI server to wildcard in distributed mode (based on RMI) http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpYsFx1%2Brwz1A%3Dmc7wAgbDHARyj1VrWNg41y9OySuL1mqw%40mail.gmail.com%3E

Apache JSPWiki™ –a feature-rich and extensible WikiWiki engine built around the standard JEE components (Java, servlets, JSP).
 - Apache JSPWiki 2.10.3 released http://jspwiki.apache.org/

Apache Oozie™ – a workflow scheduler system to manage Apache Hadoop jobs.
 - Apache Oozie 4.3.1 released http://oozie.apache.org
 - CVE-2017-15712: Apache Oozie Server vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCABBupGWtC2vN-JzXWeuDaN-_bP6yzRJhK%2BDAfr%3DgSGLZJGbFCQ%40mail.gmail.com%3E

Apache Phoenix™ –enables OLTP and operational analytics for Apache Hadoop by providing a relational database layer leveraging Apache HBase as its backing store. 
 - Apache Phoenix 5.0.0-alpha released https://phoenix.apache.org/

Apache Qpid™ –AMQP enterprise messaging implementation.
 - Apache Qpid Dispatch 0.8.1 released http://qpid.apache.org
 - CVE-2017-15699: Apache Qpid Dispatch Router Denial of Service Vulnerability when specially crafted frame is sent to the Router http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAO30oQd%3DUw5ovTGPX-NNEeMdrURYsxceXoHcULoJF4rToi6BMA%40mail.gmail.com%3E

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
- Apache Tomcat 7.0.85, 8.0.50, 8.5.28, and 9.0.5 released http://tomcat.apache.org/

Apache Wicket™ –an Open Source Java component oriented Web application framework that powers thousands of web applications and Web sites for governments, stores, universities, cities, banks, email providers, and more.
 - Apache Wicket 7.10.0 released http://wicket.apache.org


Did You Know?

 - Did you know that over the past decade, the ASF's Travel Assistance Committee has provided travel support to enable dozens of individuals across the globe to attend ApacheCon? https://www.apache.org/travel/

 - Did you know that the CFP for our Apache Roadshow Europe's host event, FOSS Backstage, closes on 18 February? https://foss-backstage.de/call-papers

 - Did you know that members of the Apache Big Data community will be on the "SMACK 2.0: Emerging Data Pipelines" panel at Index Developer Conference 20-22 February/San Francisco? https://developer.ibm.com/indexconf/sessions/#!/?id=5559 Sign up by 20 February and save $70 using discount code CD3ALEXY

Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache Big Data community will be at the Index Developer Conference 20-22 February/San Francisco. Sign up by 20 February and save $70 using discount code CD3ALEXY https://developer.ibm.com/indexconf/sessions/#!/?id=5559 

 - The Apache Tinkerpop community will be holding a MeetUp on Gremlin on 21 February in New York https://www.meetup.com/DataStax-UserGroup-NewYork/events/246762770/

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday February 12, 2018

The Apache Software Foundation Announces Apache® CloudStack® v4.11

Mature Open Source Enterprise Cloud platform powers billions of dollars in transactions for the world's largest Cloud providers.

Wakefield, MA —12 February 2018— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® CloudStack® v4.11, the latest version of the turnkey enterprise Cloud orchestration platform.

Apache CloudStack is the proven, highly scalable, and easy-to-deploy IaaS platform used for rapidly creating private, public, and hybrid Cloud environments. Thousands of large-scale public Cloud providers and enterprise organizations use Apache CloudStack to enable billions of dollars worth of business transactions annually across their clouds.

"This is another great release," said Wido den Hollander, Vice President of Apache CloudStack. "The community has worked very hard to develop great new features and many enhancements to CloudStack. Together we are making the project better every single day."

Apache CloudStack v4.11 features more than 250 new capabilities, such as improved integration, stability, storage, networking support, and performance. Highlights include:

  • new Host HA framework with an HA provider for KVM powered clouds;
  • new certificate authority framework to support ongoing  work in container & application clusters;
  • integration with Prometheus;
  • a connector for Cloudian Hyperstore S3 storage;
  • deeper integration with Nuage SDN; and
  • Layer 2 Networking capabilities.


The full list of new features can be found in the project release notes at http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.11.0.0/

"This release has been driven by the people operating CloudStack clouds,” said Rohit Yadav, Apache CloudStack v4.11 Release Manager. "I would like to thank the contributors across all of these organizations for supporting this release, which reflects both the user-driven nature of our community and the Apache CloudStack project's commitment to continue to be the most stable, easily deployable, scalable Open Source platform for IaaS. Along with great new features, v4.11 brings several important structural changes such as better support for systemd and Java 8, migration to embedded Jetty, and a new and optimized Debian 9 based systemvm template."

Apache CloudStack powers numerous elastic Cloud computing services, including solutions that have ranked as Gartner Magic Quadrant leaders. Highlighted in the Forrester Q4 2017 Enterprise Open Source Cloud Adoption report, Apache CloudStack "sits beneath hundreds of service provider clouds", including Fortune 5 multinational corporations. A list of known Apache CloudStack users are available at http://cloudstack.apache.org/users.html

"Apache CloudStack release 4.11 has impressive new content," said Kris Sterckx, CloudStack development lead at Nuage Networks. "More than any previous release, v4.11 leverages the value of Nuage Networks SDN with Nuage 5.0 support, SDN managed networks, per-interface DHCP options support and automation support for migrating deployed Apache CloudStack clouds from traditional Linux bridge networking to SDN/OVS based networking."

"At Interoute, we depend on Apache Cloudstack to help us deliver innovative and reliable IaaS services to our global customers," said Alex Mattioli, Chief Cloud Architect at Interoute. "The functionality in the 4.11 release shows that Cloudstack continues to be the most operator-focused IaaS platform available for large service providers, with a development community who are able to quickly develop what the market wants. Many of the features in this release have been created directly based on the needs of Interoute and our customers."

"Apache CloudStack 4.11 continues to bring innovative features and functionality to market through collaborative Open Source development," said Simon Weller, Director of Technology at Education Networks America. "We're particularly excited by the Host-HA framework, which brings a much greater level of hypervisor automation to KVM based service providers."

"Feedback from our community helps us solve real-world problems and strengthens our development process," added den Hollander. "I look forward to Apache CloudStack users and developers continuing to work closely together to make future releases even better!"

Catch Apache CloudStack in action 28 February 2018 at the German CloudStack Meetup in Frankfurt.

Availability and Oversight
Apache CloudStack software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache CloudStack, visit http://cloudstack.apache.org/ and https://twitter.com/CloudStack

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 680 individual Members and 6,500 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, ARM, Baidu, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, Huawei, IBM, Inspur, iSIGMA, ODPi, LeaseWeb, Microsoft, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Target, Union Investment, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "CloudStack", "Apache CloudStack", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday February 09, 2018

The Apache News Round-up: week ending 9 February 2018

We've had a great week! Here's what happened::

"Success at Apache" –the blog series from the Apache Community that focuses on why the ASF "just works".
 - A Newbie's Narrative by Kuhu Shukla https://s.apache.org/A72H

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3
 - Next Board Meeting: 21 February. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield ace stunning performance at 100% uptime! Go Infra! http://status.apache.org/

ASF Operations Factoid –this week, 524 Apache contributors changed 947,241 lines of code over 3,263 commits. Top 5 contributors, in order, are: Duo Zhang, Jean-Baptiste Onofré, Daniel Sun, Alex Harui, and Andrea Cosentino.

Apache Attic™ –provides process and solutions to make it clear when an Apache project has reached its end of life.
 - Apache ACE retired http://attic.apache.org/projects/ACE.html

Apache Allura™ –an Open Source implementation of a software forge, a Web site that manages source code repositories, bug reports, discussions, wiki pages, blogs, and more for any number of individual projects.
 - Apache Allura 1.8.0 released http://allura.apache.org/
 - CVE-2018-1299 Apache Allura directory traversal vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3Cecde8662-12c8-e921-f169-e7bd64967e31%40apache.org%3E

Apache Ant™ –a Java library and command-line tool that helps building software.
 - Apache Ant 1.9.10 and 1.10.2 released http://ant.apache.org/
 - CVE-2017-5645: Apache Ant 1.9.9 and 1.10.1 - Apache Log4j 1.2.13 security vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3C003501d39fe4%24bbe519f0%2433af4dd0%24%40org%3E

Apache Atlas™ –a scalable and extensible set of core foundational governance services.
 - Apache Atlas 0.8.2 released http://atlas.apache.org/

Apache Commons™ Compress –defines an API for working with compression and archive formats.
 - Apache Commons Compress 1.16 released http://commons.apache.org/compress/

Apache Geode™ –low latency, high concurrency Big Data management solutions.
 - Apache Geode 1.4.0 http://geode.apache.org/

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.17.1 and 2.16.1 released http://jackrabbit.apache.org/

Apache Knox™ –a REST API Gateway for providing secure access to the data and processing resources of Apache Hadoop clusters.
 - Apache Knox 1.0.0 released http://knox.apache.org/

Apache Lens™ –provides a Unified Analytics interface.
 - Apache Lens 2.7.1 released http://lens.apache.org/

Apache OODT™ –a software framework as well as an architectural style for the rapid construction of scientific data systems.
 - Apache OODT 1.2.1 released http://oodt.apache.org/

Apache Qpid™ –AMQP enterprise messaging implementation.
 - Apache Qpid Broker-J 7.0.1 released http://qpid.apache.org
 - [CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAP3WMuQ9dfe%3D3FCtqoZ1Q4xkFZZ%2Bogdqn6KVxyb_O4s5rLBwuw%40mail.gmail.com%3E

Apache Sling™ –a framework for RESTful Web-applications based on an extensible content tree.
 - Apache Sling 10 released https://sling.apache.org/

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - New version of the Apache Struts Maven Archetypes released http://struts.apache.org/maven-archetypes/


Did You Know?

 - Did you know that the ASF's original project --the HTTP Web Server-- is celebrating its 23rd anniversary this month? Many happy returns, httpd! http://httpd.apache.org/

 - Did you know that Apache Community Development (ComDev) publishes a monthly blog newsletter? Read up on the latest issue at https://s.apache.org/yBJh

 - Did you know that Apache Ignite has a user survey underway? Share your experience, contribute to the project's growth, and win $50 gift cards! https://www.surveymonkey.com/r/IgniteSurvey18


Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H


 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The Apache Tinkerpop community will be holding a MeetUp on Gremlin on 21 February in New York https://www.meetup.com/DataStax-UserGroup-NewYork/events/246762770/

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

- Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday February 05, 2018

Success at Apache: A Newbie’s Narrative

by Kuhu Shukla

As I sit at my desk on a rather frosty morning with my coffee, looking up new JIRAs from the previous day in the Apache Tez project, I feel rather pleased. The latest community release vote is complete, the bug fixes that we so badly needed are in and the new release that we tested out internally on our many thousand strong cluster is looking good. Today I am looking at a new stack trace from a different Apache project process and it is hard to miss how much of the exceptional code I get to look at every day comes from people all around the globe. A contributor leaves a JIRA comment before he goes on to pick up his kid from soccer practice while someone else wakes up to find that her effort on a bug fix for the past two months has finally come to fruition through a binding +1.

Yahoo – which joined AOL, HuffPost, Tumblr, Engadget, and many more brands to form the Verizon subsidiary Oath last year – has been at the frontier of open source adoption and contribution since before I was in high school. So while I have no historical trajectories to share, I do have a story on how I found myself in an epic journey of migrating all of Yahoo jobs from Apache MapReduce to Apache Tez, a then new DAG based execution engine.

Oath grid infrastructure is through and through driven by Apache technologies be it storage through HDFS, resource management through YARN, job execution frameworks with Tez and user interface engines such as Hive, Hue, Pig, Sqoop, Spark, Storm. Our grid solution is specifically tailored to Oath's business-critical data pipeline needs using the polymorphic technologies hosted, developed and maintained by the Apache community.

On the third day of my job at Yahoo in 2015, I received a YouTube link on An Introduction to Apache Tez. I watched it carefully trying to keep up with all the questions I had and recognized a few names from my academic readings of Yarn ACM papers. I continued to ramp up on YARN and HDFS, the foundational Apache technologies Oath heavily contributes to even today. For the first few weeks I spent time picking out my favorite (necessary) mailing lists to subscribe to and getting started on setting up on a pseudo-distributed Hadoop cluster. I continued to find my footing with newbie contributions and being ever more careful with whitespaces in my patches. One thing was clear – Tez was the next big thing for us. By the time I could truly call myself a contributor in the Hadoop community nearly 80-90% of the Yahoo jobs were now running with Tez. But just like hiking up the Grand Canyon, the last 20% is where all the pain was. Being a part of the solution to this challenge was a happy prospect and thankfully contributing to Tez became a goal in my next quarter.

The next sprint planning meeting ended with me getting my first major Tez assignment – progress reporting. The progress reporting in Tez was non-existent – "Just needs an API fix,"  I thought. Like almost all bugs in this ecosystem, it was not easy. How do you define progress? How is it different for different kinds of outputs in a graph? The questions were many.

I, however, did not have to go far to get answers. The Tez community actively came to a newbie's rescue, finding answers and posing important questions. I started attending the bi-weekly Tez community sync up calls and asking existing contributors and committers for course correction. Suddenly the team was much bigger, the goals much more chiseled. This was new to anyone like me who came from the networking industry, where the most open part of the code are the RFCs and the implementation details are often hidden. These meetings served as a clean room for our coding ideas and experiments. Ideas were shared, to the extent of which data structure we should pick and what a future user of Tez would take from it. In between the usual status updates and extensive knowledge transfers were made. 

Oath uses Apache Pig and Apache Hive extensively and most of the urgent requirements and requests came from Pig and Hive developers and users. Each issue led to a community JIRA and as we started running Tez at Oath scale, new feature ideas and bugs around performance and resource utilization materialized. Every year most of the Hadoop team at Oath travels to the Hadoop Summit where we meet our cohorts from the Apache community and we stand for hours discussing the state of the art and what is next for the project. One such discussion set the course for the next year and a half for me.

We needed an innovative way to shuffle data. Frameworks like MapReduce and Tez have a shuffle phase in their processing life cycle wherein the data from upstream producers is made available to downstream consumers. Even though Apache Tez was designed with a feature set corresponding to optimization requirements in Pig and Hive, the Shuffle Handler Service was retrofitted from MapReduce at the time of the project's inception. With several thousands of jobs on our clusters leveraging these features in Tez, the Shuffle Handler Service became a clear performance bottleneck. So as we stood talking about our experience with Tez with our friends from the community, we decided to implement a new Shuffle Handler for Tez. All the conversation points were tracked now through an umbrella JIRA TEZ-3334 and the to-do list was long. I picked a few JIRAs and as I started reading through I realized, this is all new code I get to contribute to and review. There might be a better way to put this, but to be honest it was just a lot of fun! All the white boards were full, the team took walks post lunch and discussed how to go about defining the API. Countless hours were spent debugging hangs while fetching data and looking at stack traces and Wireshark captures from our test runs. Six months in and we had the feature on our sandbox clusters. There were moments ranging from sheer frustration to absolute exhilaration with high fives as we continued to address review comments and fixing big and small issues with this evolving feature.

As much as owning your code is valued everywhere in the software community, I would never go on to say “I did this!” In fact, “we did!” It is this strong sense of shared ownership and fluid team structure that makes the open source experience at Apache truly rewarding. This is just one example. A lot of the work that was done in Tez was leveraged by the Hive and Pig community and cross Apache product community interaction made the work ever more interesting and challenging. Triaging and fixing issues with the Tez rollout led us to hit a 100% migration score last year and we also rolled the Tez Shuffle Handler Service out to our research clusters. As of last year we have run around 100 million Tez DAGs with a total of 50 billion tasks over almost 38,000 nodes.

In 2018 as I move on to explore Hadoop 3.0 as our future release, I hope that if someone outside the Apache community is reading this, it will inspire and intrigue them to contribute to a project of their choice. As an astronomy aficionado, going from a newbie Apache contributor to a newbie Apache committer was very much like looking through my telescope - it has endless possibilities and challenges you to be your best.

Kuhu Shukla is a software engineer at Oath and did her Masters in Computer Science at North Carolina State University. She works on the Big Data Platforms team on Apache Tez, YARN and HDFS with a lot of talented Apache PMCs and Committers in Champaign, Illinois. A recent Apache Tez Committer herself she continues to contribute to YARN and HDFS and spoke at the 2017 Dataworks Hadoop Summit on "Tez Shuffle Handler : Shuffling At Scale With Apache Hadoop". Prior to that she worked on Juniper Networks' router and switch configuration APIs. She likes to participate in open source conferences and women in tech events. In her spare time she loves singing Indian classical and jazz, laughing, whale watching, hiking and peering through her Dobsonian telescope.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) Scratch your own itch. https://s.apache.org/Apah 11) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 12) A Newbie's Narrative https://s.apache.org/A72H

# # #  

Friday February 02, 2018

The Apache News Round-up: week ending 2 February 2018

Hello, February. Let's review what the Apache community have been busy with over the past week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3
 - Next Board Meeting: 21 February. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - The Apache® Software Foundation Announces ApacheCon™ and Supporting Global Events https://s.apache.org/O3B3

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield ace spectacular at 99.99% uptime http://status.apache.org/

ASF Operations Factoid –this week, 524 Apache contributors changed 1,300,623 lines of code over 3,553 commits. Top 5 contributors, in order, are: Nick Couchman, Benoit Tellier, Duo Zhang, Yang Li, and Jean-Baptiste Onofré.

Apache BookKeeper™ –a scalable, fault-tolerant, and low-latency storage service optimized for real-time workloads.
 -Apache BookKeeper 4.6.1 released https://bookkeeper.apache.org/

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.17.1 released http://jackrabbit.apache.org/

Apache Kibble™ –Open Source tools used for collecting, aggregating and visualizing software project activity.
 - The Apache Software Foundation Announces Apache® Kibble™ as a Top-Level Project https://s.apache.org/wMMa

Apache NiFi™ –supports powerful and scalable directed graphs of data routing, transformation, and system mediation logic.
 - Apache NiFi MiNiFi C++ 0.4.0 released https://nifi.apache.org/minifi

Apache POI™ –APIs for manipulating various file formats based upon Open Office XML (ECMA-376) and Microsoft's OLE 2 Compound Document formats using pure Java.
 - CVE-2017-12626 – Denial of Service Vulnerabilities in Apache POI http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3C1190211676.1193152.1516995087060%40mail.yahoo.com%3E

Apache Qpid™ –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464).
 - Apache Qpid JMS 0.29.0 and Proton 0.20.0 released http://qpid.apache.org/

Apache Sqoop™ –a tool designed for efficiently transferring bulk data between Apache Hadoop and structured datastores, such as relational databases.
 - Apache Sqoop 1.4.7 released http://sqoop.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - CVE-2017-15698 Apache Tomcat Native Connector - OCSP check omitted http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3C6fa14400-328f-a4a5-7f24-5cd40868bf78%40apache.org%3E
 - CVE-2017-15706 Apache Tomcat Incorrectly documented CGI search algorithm http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3Ce5f20acd-4241-505d-f340-d62b6dd2d306%40apache.org%3E

Apache Yetus™ –a collection of libraries and tools that enable contribution and release processes for software projects.
 - Apache Yetus 0.7.0 released https://yetus.apache.org/


Did You Know?

 - Did you know that the ASF's original project --the HTTP Web Server-- is celebrating its 23rd anniversary this month? Many happy returns, httpd! http://httpd.apache.org/

 - Did you know that Apache Spark has won an InfoWorld Technology of the Year award? https://www.infoworld.com/article/3252231/application-development/technology-of-the-year-2018-the-best-hardware-software-and-cloud-services.html

 - Did you know that the Åland Islands Library uses Apache Wicket? http://wicket.apache.org/


Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The ASF will be back at FOSDEM in Brussels 3-5 February 2018. We'll see you there! https://fosdem.org/2018/

 - The ASF is a Developer Week Community Partner 3-7 February in San Franciso https://blogs.apache.org/comdev/entry/apache-software-foundation-community-sponsor

 - The Apache Tinkerpop community will be holding a MeetUp on Gremlin on 21 February in New York https://www.meetup.com/DataStax-UserGroup-NewYork/events/246762770/

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Tuesday January 30, 2018

The Apache Software Foundation Announces Apache® Kibble™ as a Top-Level Project

Open Source tools used for collecting, aggregating and visualizing software project activity.

Wakefield, MA —30 January 2018— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Kibble™ as a Top-Level Project (TLP).

Apache Kibble is an activity reporting platform created to collect, aggregate, analyze, and visualize activity in software projects and communities. With Kibble, users can track a project's code, discussions, issues, and individuals through detailed views mapped across specified time periods.

"We are passionate about solving hard problems, particularly as they relate to defining and measuring a project's success," said Rich Bowen, Vice President of Apache Kibble. "As doing so is notoriously difficult, we want to provide a set of tools that allow a project to define success, and track their progress towards that success, in terms that make the most sense for their community. Apache Kibble is a way to make this happen."

Apache Kibble is the latest project to enter the ASF directly as a Top-Level Project, bypassing the Apache Incubator (the official entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation). As part of its eligibility, Apache Kibble had to meet the many requirements of the Apache Maturity Model http://s.apache.org/O4p that include a project’s code, copyright, licenses, releases, consensus building, independence, and more.

Kibble is the Open Source edition of Snoot, the enterprise project and community reporting platform used by dozens of Apache projects as well as by the ASF for its official reports including the ASF Annual Report.

"By gaining an in-depth view into the ASF's operations through 1,433 Apache project repositories, we are able to obtain performance metrics for more than 300 Apache projects and nearly 900 million code line changes by more than 6,500 contributors," said Sally Khudairi, Vice President of Marketing and Publicity at The Apache Software Foundation. "We are excited to share the ability to provide insight with projects of all kinds, and help their communities identify trends and advance their impact."

"We're getting input and data from both a wide range of Apache projects as well as projects from outside of the foundation," added Bowen. "We're also collecting historical metrics from older projects with their rich history of successes and mistakes. They have a great deal of history and passion around measuring their communities, and hearing from disparate projects is helping to refine that vision. We would love to hear from more projects about what metrics are important to track, and invite their communities to join our mailing lists to discuss how we can help one another."

Catch Apache Kibble in action at FOSDEM, 3-4 February 2018 in Brussels.

Availability and Oversight
Apache Kibble software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache Kibble, visit http://kibble.apache.org/ and https://twitter.com/ApacheKibble

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 680 individual Members and 6,500 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, ARM, Baidu, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, Huawei, IBM, Inspur, iSIGMA, ODPi, LeaseWeb, Microsoft, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Target, Union Investment, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Kibble", "Apache Kibble", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Monday January 29, 2018

The Apache Software Foundation 2018 Vision Statement

The Apache Software Foundation describes its Vision Statement, the basis for the 5-year strategic plan in development.

Our mission is to support communities that create and distribute Open Source software at no charge under the Apache License, per our Bylaws. To this end we provide mentoring, virtual collaboration space, and resources for project communities to develop, steward, and incubate Open Source software under our legal umbrella.

We are strongly committed to our projects' independence from any external influences, be they corporate, organizational or otherwise. This allows us to provide a neutral environment for our communities.

As a Foundation we intentionally do not define a technical strategy: that is determined by our projects. The Foundation's goals center on communities, as opposed to technologies.

The Foundation is managed and directed by its Members, who are individual volunteers. Companies or organizations can neither be members of the Foundation, nor take a role in the governance of our projects.

We help our communities understand and adopt the Apache Way, a collection of documented practices for collaboration and project sustainability that we amend on an ongoing basis.

We expect our community members to act as individuals. Their rights and responsibilities are based solely on their merit, defined by what they individually do in project communities, not on any external affiliation, title, or degree they may have, nor on their contributions to external projects or other organizations. We expect all Apache community members to adhere to our established Code of Conduct.

We provide highly reliable and automated core infrastructure services to our projects. We permit projects to use external non-core services based on their specific needs, allowing our own services to remain simple and focused. For durability, all our critical data and services are managed or mirrored on systems that we fully control.

Our marketing and outreach is focused on activities that directly support our mission, educate the public about Apache projects and the Apache Way, and help attract the types of communities for which our Foundation is a suitable home.

Our fundraising-related activities help identify and retain sponsors and financial contributions on which our operations depend. We welcome donations from corporations and individuals who support our mission.

We provide our projects legal and brand management services based on demonstrated needs, and define policies and best practices to help our projects benefit from the strong Apache brand in an appropriate way.

We welcome new projects via our Incubator, where experienced mentors help guide them to operate as Apache community-led projects. As Incubation is where diverse communities are defined, we put a strong emphasis on coaching to promote self-governance and preserve our core values as the Foundation grows.

# # #

The Apache® Software Foundation Announces ApacheCon™ and Supporting Global Events

World's largest Open Source foundation expands conference participation to serve Apache's diverse projects and their growing communities.

Wakefield, MA —29 January 2018— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, today announced ApacheCon™ and supporting events for 2018.

For two decades, ApacheCon, the ASF's official conference series, has brought forth the latest developments in ubiquitous Apache projects and emerging innovations through hands-on sessions, keynotes, real-world case studies, trainings, hackathons, and more. Apache Roadshows are smaller, focused, regional events that highlight "Apache Way" principles and select Apache projects.

ApacheCon attendees stay informed by:
  • Learning how it's done. From technical development to leading community-driven projects "The Apache Way";

  • Discovering upcoming innovations. Tomorrow’s technology today is undergoing development at the Apache Incubator; and

  • Connecting with the people behind some of the most widely used projects in Open Source.

ApacheCon and Apache Roadshows

"ApacheCon showcases dozens of Apache projects, from ideation to deployment, presented by some of the best technical minds in the world," said Rich Bowen, Vice President of ASF Conferences. "Our sessions are aimed at a broad audience, from seasoned professionals to novices who want to learn what's new and how it all fits in to the greater Open Source ecosystem. We're proud to bring together Apache users with the projects and communities that improve their work and further their careers."

ApacheCon North America will be held 24-28 September 2018 in Montreal, Canada. Event details will be announced in the near future; updates will be posted at https://twitter.com/ApacheCon , http://apachecon.com/ and the ApacheCon mailing list (sign up for updates by sending email to <announce-subscribe@apachecon.com> ). For Sponsorship opportunities, contact Kevin A. McGrail at kmcgrail(at)apache(dot)org.

The 2018 Apache EU Roadshow will be colocated with FOSS Backstage in Berlin 13-14 June. The Roadshow is free of charge to FOSS Backstage attendees and will feature an Apache Lounge, 2 Apache Devrooms with two full tracks, a shared Apache/FOSS Backstage Devroom with presentations and workshops, plus places to program, network, and relax. For more information, visit https://foss-backstage.de/


Apache Community Events

The ASF is expanding its involvement in third-party events, particularly those that are built around Apache software. Many of these events are directed by members of the Apache community, and complement the ApacheCon and Apache Roadshow programs.

The ASF's participation in these events is overseen by members of the ASF Community Development program, which provides guidance and mentoring for individuals and projects seeking to become part of the greater Apache community. 

"Events are a great way to connect with the Apache community," said Sharan Foga, Vice President of ASF Community Development. "We look forward to meeting more members of our increasingly diverse community, and helping promote project and community development 'the Apache Way'."

Meet members of the Apache community at presentations and the Apache booth during the following events:

Additional events include:
  • Kafka Summit - 23-25 February 2018 in London
  • DataWorks Summit - 16-19 April 2018 in Berlin, and 17-21 June 2018 in San Jose
  • Spark Summit - 4-7 June 2018 in San Francisco
  • Open Source Summit North America - 29 August - 1 September 2018 in Vancouver
  • Solutions Hamburg - 12-15 September 2018 in Hamburg
  • Kafka Summit - 16-18 October 2018 in San Francisco
  • Open Source Summit Europe - 22-25 October 2018 in Edinburgh
  • Spark Summit Europe - 24-27 October 2018 in Dublin 

Learn more about Apache Community Development at http://community.apache.org/ and https://twitter.com/ApacheCommunity

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server —the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 680 individual Members and 6,500 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, ARM, Baidu, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, Huawei, IBM, Inspur, iSIGMA, ODPi, LeaseWeb, Microsoft, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Target, Union Investment, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Kafka", "Apache Kafka", "Spark", "Apache Spark", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday January 26, 2018

The Apache News Round-up: week ending 26 January 2018

Here's hoping you had a great week. The Apache community has been working on:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 February. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield ace performance at 99.69% uptime http://status.apache.org/

ASF Operations Factoid –this week, 519 Apache contributors changed 1,071,102 lines of code over 3,235 commits. Top 5 contributors, in order, are: Jeff Elsloo, Tellier Benoit, Andi Huber, Junkai Xue, and Gary Gregory.

Apache Guacamole™ –a clientless remote desktop gateway that supports standard protocols like VNC, RDP, and SSH.
 - Apache Guacamole 0.9.14 released https://guacamole.apache.org/

Apache HttpComponents™ –a set of HTTP/1.1 and HTTP/2 transport components used to build custom client and server side HTTP services with a minimal footprint.
 - Apache HttpComponents Client 4.5.5 GA released http://hc.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit 1.0.41 and Jackrabbit Oak 1.2.28 released http://jackrabbit.apache.org/

Apache NiFi™ –an easy to use, powerful, and reliable system to process and distribute data.
 - Apache NiFi MiNiFi 0.4.0 released https://nifi.apache.org/

Apache Phoenix™ –enables OLTP and SQL-based operational analytics for Apache Hadoop.
 - Apache Phoenix 4.13.2 for CDH 5.11.2 released http://phoenix.apache.org/

Apache Taverna (incubating) –domain-independent suite of tools used to design and execute data-driven scientific workflows, combining WSDL/REST Web Services and local tools.
 - Apache Taverna Server 3.1.0-incubating released https://taverna.incubator.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - Apache Tomcat 7.0.84, 8.0.49, 8.5.27, and 9.0.4 released http://tomcat.apache.org/


Did You Know?

 - Did you know that in 2017 the Top 10 most active Apache project mailing lists (dev + user) were, in order: Flex, Lucene, Ignite, Kafka, Geode, Flink, Tomcat, Cassandra, Beam, and Sentry? https://s.apache.org/h8do

 - Did you know that Spotify uses Apache Hadoop and Apache Crunch to process terabytes of user data each day? http://hadoop.apache.org/ and http://crunch.apache.org/

 - Did you know that the 2018 Apache EU Roadshow will be held during FOSS Backstage 13-14 June in Berlin? https://foss-backstage.de/


Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The Apache Wicket community will be holding a MeetUp on 24 January in Hydrabad https://www.meetup.com/jughyderabad/events/246743640/?_cookie-check=sA8sdSu69o0Dk0zY

 - The ASF will be back at FOSDEM in Brussels 3-5 February 2018. We'll see you there! https://fosdem.org/2018/

 - The ASF is a Developer Week Community Partner 3-7 February in San Franciso https://blogs.apache.org/comdev/entry/apache-software-foundation-community-sponsor

 - The Apache Tinkerpop community will be holding a MeetUp on Gremlin on 21 February in New York https://www.meetup.com/DataStax-UserGroup-NewYork/events/246762770/

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday January 19, 2018

The Apache News Round-up: week ending 19 January 2018

Happy Friday --we've had quite a week! Let's take a look at what happened:

Support Apache –help offset the ASF's day-to-day operating expenses. Every dollar counts.
 - The Apache Software Foundation Receives Bitcoin Donation from Pineapple Fund Valued at $1M https://s.apache.org/udGT

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 February. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield clever performance at 99.70% uptime http://status.apache.org/

ASF Operations Factoid –this week, 441 Apache contributors changed 1,279,610 lines of code over 2,700 commits. Top 5 contributors, in order, are: Alex Harui, Thiago Veronezi, Duo Zhang, Mark Thomas, and Gary Gregory.

Apache HBase™ –an Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.0.0-beta-1 released https://hbase.apache.org/

Apache HttpComponents™ –a set of HTTP/1.1 and HTTP/2 transport components used to build custom client and server side HTTP services with a minimal footprint.
 - Apache HttpComponents Core 5.0 beta2 and HttpComponents Client 5.0 beta1 released http://hc.apache.org/

Apache Impala™ –a high-performance distributed SQL engine.
 - Apache Impala 2.11.0 released https://impala.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.6.8 released http://jackrabbit.apache.org/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 7.2.1 and Apache Solr 7.2.1 released http://lucene.apache.org/

Apache NiFi™ –an easy to use, powerful, and reliable system to process and distribute data.
 - Apache NiFi 1.5.0 released https://nifi.apache.org/

Apache Qpid™ –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org).
 - Apache Qpid Proton-J 0.25.0 released http://qpid.apache.org/

Apache Traffic Server™ –a fast, scalable and extensible HTTP/1.1 compliant caching proxy server.
 - Apache Traffic Server v7.1.2 released https://trafficserver.apache.org/

Did You Know?

 - Did you know that in 2017 the Top 5 Apache Project Repositories by Size (Lines of Code) were: OpenOffice (6,375,345); Netbeans (5,536,881); Flex (whiteboard: 5,164,279; SDK 3,919,006); Trafodion (3,077,781); and Mynewt (core: 2,748.040)? https://s.apache.org/h8do

 - Did you know that Apache OFBiz offers a full range of Open Source ERP solutions, including advanced eCommerce, catalog management, manufacturing and POS modules, and accounting functions for Windows, Mac, and Linux? http://ofbiz.apache.org

- Did you know that the Apache community will be at Berlin Buzzwords again this year? We'll see you there! https://berlinbuzzwords.de/


Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The Apache Wicket community will be holding a MeetUp on 24 January in Hydrabad https://www.meetup.com/jughyderabad/events/246743640/?_cookie-check=sA8sdSu69o0Dk0zY

 - The ASF will be back at FOSDEM in Brussels 3-5 February 2018. We'll see you there! https://fosdem.org/2018/

 - The Apache Tinkerpop community will be holding a MeetUp on Gremlin on 21 February in New York https://www.meetup.com/DataStax-UserGroup-NewYork/events/246762770/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Thursday January 18, 2018

The Apache® Software Foundation Receives Bitcoin Donation from Pineapple Fund Valued at $1M

Charitable donation helps underwrite the world's largest Open Source foundation, benefiting billions of users who depend on Apache's freely-available Open Source community-driven software.

Forest Hill, MD —18 January 2018— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today that it has received a 88.34 Bitcoin (BTC) donation from the Pineapple Fund, valued at $1M at the time of the donation.

"Cryptocurrency is a fascinating way to support the ASF," said Kevin A. McGrail, ASF Vice President of Fundraising. "We look forward to using Pineapple Fund's donation to enhance our mission to provide Open Source software that is intrinsic to computing, from Web servers to smartphones to Cloud computing to the next evolutionary technology." 

The Pineapple Fund is a project donating 5500 BTC (~$86M) to various charities around the world, with the goal of making "bold and smart bets that will impact everyone in our world". https://pineapplefund.org/

In addition to the Pineapple Fund's charitable donation, the ASF receives financial support from corporate sponsors and individual donors. These essential funds help the ASF ensure that Apache software projects continue to be available to users around the world at absolutely no cost.

As a United States private, 501(c)(3) not-for-profit charitable organization, the ASF is funded through tax-deductible contributions from corporations, foundations, and private individuals. Their collective contributions offset day-to-day operating expenses such as bandwidth and connectivity, servers and hardware, legal and accounting services, brand management and public relations, general office expenditures, and support staff. Approximately 75% of the ASF's annual budget is dedicated to running critical infrastructure support services that keep Apache services running 24x7x365 at near 100% uptime.

There are two ways to help the ASF reach its financial goals:

  1. Individual Donations --for one-off or recurring gifts of any size, via credit card, PayPal, ACH, and more;

  2. ASF Sponsorship program --for organizations, individuals, foundations, and endowments contributing $6,000 or more.

For information on supporting the ASF, please visit http://apache.org/foundation/contributing.html

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 680 individual Members and 6,500 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hewlett Packard, Hortonworks, Huawei, IBM, Inspur, iSIGMA, ODPi, LeaseWeb, Microsoft, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Target, Union Investment, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache" and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners. 

# # #

Friday January 12, 2018

The Apache News Round-up: week ending 12 January 2018

Wow: it's Friday already! Let's review what happened over the past week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 January. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield great performance at 99.93% uptime http://status.apache.org/

ASF Operations Factoid –this week, 390 Apache contributors changed 688,481 lines of code over 2,224 commits. Top 5 contributors, in order, are: Tellier Benoit, Daniel Sun, Stian Soiland-Reyes, Mark Thomas, and Adam Soroka.

Apache Geode™ –low latency, high concurrency Big Data management solutions
 - CVE-2017-9795 Apache Geode OQL method invocation vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3CCAEwge-FTf8zMT-U2XuHRv8L9ksiQExKMExOoR0Rp0W2TvpO1oA%40mail.gmail.com%3E
 - CVE-2017-9796 Apache Geode OQL bind parameter vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3CCAEwge-FmJu4wu9Q14iOFkD3RK3KZJqFazi%3Dx8F1JpF%2B9BQXC-A%40mail.gmail.com%3E
 - CVE-2017-12622 Apache Geode gfsh authorization vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3CCAEwge-FQAHe37U1zdM19NCj8NkAuyVUx7%3Dii5WHz_3%3DEY%2BBkLw%40mail.gmail.com%3E

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.0.40, 1.4.19 and 1.8.0 released http://jackrabbit.apache.org/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - CVE-2017-5878 - RED5/AMF Unmarshalling RCE http://mail-archives.apache.org/mod_mbox/www-announce/201801.mbox/%3CCAJmbs8iP-Qyjx%2B0_X16V4Wwah-3%3DdvrkfDXD24xyf7K14Bquyg%40mail.gmail.com%3E

Apache Sentry™ –a system to enforce fine grained role based authorization to data and metadata stored on a Hadoop cluster. - Apache Sentry 1.7.1 released http://sentry.apache.org/

Apache Trafodion™ –mature Big Data database management system for working in SQL at Apache Hadoop-scale levels.
- The Apache Software Foundation Announces Apache® Trafodion™ as a Top-Level Project https://s.apache.org/gCIX

Did You Know?

 - Did you know that the ASF has 1,131 mailing lists? Over the past year, 21,772 authors sent 1,617,547 emails on 642,005 topics! https://s.apache.org/h8do

 - Did you know that Apache JSPWiki now supports SheetJS for reading and displaying Excel and CSV files directly in wiki pages? http://jspwiki.apache.org/

- Did you know that the ASF will be exhibiting at FOSDEM again this year? Do stop by and say hello to many members of the Apache Community! http://community.apache.org/calendars/


Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The ASF will be back at FOSDEM in Brussels 3-5 February 2018. We'll see you there! https://fosdem.org/2018/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation