Entries tagged [foundation]

Friday November 27, 2020

The Apache News Round-up: week ending 27 November 2020

Farewell, November --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 16 December 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - all videos from ApacheCon@Home now available at https://www.youtube.com/c/TheApacheFoundation/  

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 291 Apache Committers changed 503,622 lines of code over 2,498 commits. Top 5 contributors, in order, are: Gary Gregory, Oleg Kalnichevski, Pavel Tupitsyn, Till Rohrmann, and Andrea Cosentino.                

Apache Project Announcements – the latest updates by category.

API --
 - Apache APISIX Dashboard 2.0 and Dashboard 2.1 released https://apisix.apache.org/

Application Performance Monitoring --
 - Apache SkyWalking Python 0.4.0 released http://skywalking.apache.org/

Big Data --
 - Apache ShardingSphere UI 5.0.0-alpha released http://shardingsphere.apache.org/

Blockchain --
 - Apache Tuweni (Incubating) 1.3.0 released https://tuweni.apache.org/

Data Management Platform --
 - Apache Unomi CVE-2020-13942 Remote Code Execution in Unomi https://s.apache.org/u0gg5

Libraries --
 - Apache Daffodil (Incubating) 3.0.0 https://daffodil.apache.org/

Messaging --
 - Apache Qpid Proton 0.33.0 and JMS 0.55.0 released http://qpid.apache.org/

Servers --
 - Apache Tomcat 7.0.107 available http://tomcat.apache.org/

Web Frameworks --
 - Apache Wicket 8.11.0 and 9.2.0 released https://wicket.apache.org/

 
Did You Know?

- Did you know that you can help secure the future of Apache? Your tax-deductible contribution helps the ASF steward, develop, incubate, and make $20B+ worth of Apache software free to all at 100% no cost. Thank you for making a one-time or monthly donation https://donate.apache.org

- Did you know that Pulsar Summit Asia is taking place this weekend? Join the Apache Pulsar community 28-29 November online: sign up today --free-of-charge https://pulsar-summit.org/

- Did you know that the Apache TVM (incubating) community is holding its annual TVM Conference online 2-4 December 2020? Register for this free-to-participate event https://tvmconf.org/ 

Apache Community Notices

- Apache Month In Review: October 2020 https://s.apache.org/Oct2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Friday November 20, 2020

The Apache News Round-up: week ending 20 November 2020

Happy Friday! Here's what the Apache community has been up to this week:

Inside Infra – the interview series featuring members of the ASF Infrastructure team.
 - Gavin McDonald --Part II https://s.apache.org/InsideInfra-Gavin2 

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 16 December 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - ApacheCon@Home sessions now online at https://www.youtube.com/c/TheApacheFoundation/  

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.74%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 310 Apache Committers changed 806,646 lines of code over 3,127 commits. Top 5 contributors, in order, are: Jarek Potiuk, Kaxil Naik, Andrea Cosentino, Mark Miller, and Maruan Sahyoun.            

Apache Project Announcements – the latest updates by category.

Application Performance Monitoring --
 - Apache SkyWalking Could on Kubernetes 0.1.0 and SkyWalking Client JS version 0.2.0 released http://skywalking.apache.org/ 

Big Data --
 - Apache BookKeeper 4.11.1 released http://bookkeeper.apache.org/ 
 - Apache ShardingSphere 5.0.0-alpha released http://shardingsphere.apache.org/ 

Content --
 - Apache Jackrabbit Oak 1.36 released http://jackrabbit.apache.org/ 

Libraries --
 - Apache Log4j 2.14.0 released http://logging.apache.org/
 - Apache CXF CVE-2020-13954 Reflected XSS in the services listing page via the styleSheetPath https://s.apache.org/tsb9p

Messaging --
 - Apache Qpid Proton-J 0.33.8 released http://qpid.apache.org/

Servers --
 - Apache Tomcat 8.5.60, 9.0.40, and 10.0.0-M10 available http://tomcat.apache.org/

 
Did You Know?

- Did you know that the following Apache projects are celebrating their anniversaries this month? Three cheers to Apache Ant (18 years); HttpComponents (13 years); Attic, Buildr, CouchDB, and Qpid (12 years); Community Development ("ComDev", 11 years); OODT and ZooKeeper (10 years); Kafka and Syncope (8 years); Ambari (7 years); BookKeeper, Drill, and MetaModel (6 years); Brooklyn, Groovy, Kylin, and REEF (5 years); Geode (4 years); Guacamole, Impala, and Mnemonic (3 years); Griffin (2 years); and Petri (1 year). Many happy returns! https://projects.apache.org/committees.html?date 

- Did you know that you can make a tax-deductible individual or corporate contribution to the ASF to help us continue to provide more than $20B worth of software to the public at 100% no cost? Donate today at https://donate.apache.org/ 

- Did you know that Alibaba’s real-time computing platform processed data streams totaling 4 billion items per second during Singles Day, the largest global online shopping event, using Apache Flink? https://flink.apache.org/ 

- Did you know that more than 300 videos from ApacheCon@Home are now available, including keynotes, plenaries, and sessions on Big Data, Clinical Data, Community, Content Delivery, Fintech, Incubator, Integration, IoT, Machine Learning, Mobile, Observability, Search, Servers, Streaming, and more are now available? https://www.youtube.com/c/TheApacheFoundation/ 

Apache Community Notices

- Apache Month In Review: October 2020 https://s.apache.org/Oct2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Tuesday November 17, 2020

Inside Infra: Gavin McDonald --Part II

The "Inside Infra" series with members of the ASF Infrastructure team continues with Part II of the interview with Gavin McDonald, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity.



"...you don't know you need somebody until somebody like that arrives."

Earlier you mentioned growth: preparing for growth and being able to accommodate that growth. What areas are you guys experiencing the biggest growth? Is there a specific type of request that's coming in more than others? I'm hearing all the time when I'm dealing with our  Targeted Sponsors, for example, I'm hearing "We need more CI. We want more services in this area. We want more credits." What is it that you guys are feeling, or what are you dealing with in terms of big picture? What's the biggest demand, where are things coming from?

Yeah, as far as I'm concerned you're spot on with CI.

… That's you.

I mean it's not me totally. I have been concentrating on it more as others have been concentrating on other things, yes. Jenkins for example, we had this one --I call it a mega monolith of a service that had all the project services that was on one server, one Jenkins instance. And it was the same instance being upgraded for the last 10 years. So it was time to migrate it, so it's been migrated to five smaller Jenkins services.

BuildBot is also being upgraded and moved to a bigger server. You've got actually Travis is being used to its full capacity.

What does that mean, "to its full capacity"?

When Travis came out, projects started using it, and we're now at the stage where it's at the full capacity ASF is provided.

Oh okay. So if they're giving us 20 whatever, we're at 20.

Right. It's not unlimited. This is why a lot of projects have decided to start moving to GitHub actions, which is also not unlimited. So the more that's provided, the more is needed. I don't think we'll ever keep up with the pace.

Greg says that often. When I talk to him about donations and things like that coming from different companies, he just says "more" and "more" and "more", so he's not exaggerating, right?

No, no, he's not exaggerating.

... If we offer, they'll take it?

Yeah. There's ways in which projects can use CI in the same way they can use other things. And they will use everything that's given to them.

… Insatiable need.

Yeah. Not understanding that there's 300 other Projects that could be using those same services. But there's a few beginning to realize, and there's talks on certain mailing lists that how can we make this more efficient, how can we projects help each other in managing the best usage of these services that we've got. Because they don't want to have it all. They've just been creating whatever they feel is needed for their project. Then sometime later they realize, "Oh, I'm using 80% of what everyone's been given."

… So it's not malicious, just a lack of awareness. When you guys get a new service do you go, "Hi PMCs, we have this thing, there's 20 units available, use with your discretion," or does someone say, "Hey, Infra has this now. We're going to run and take it all," without realizing they're taking it all. How do you introduce new services to the projects? I'm curious because I never see that side of the activity.

Sometimes it's via the mailing list, users@infra. Projects can come to us and ask questions on that mailing list if it's not appropriate for a Jira ticket. People join that mailing list because they're interested in what Infra is up to. So we use that mailing list as a heads up for whatever it could be: "Jira is getting upgraded this weekend, or there's going to be some downtime on this", or it could be things like "okay we've now enabled GitHub actions across the board" or whatever. There were some new features added to one of our self serve things is asf.yaml, which I know you've spoken to Daniel Gruno about.

… You guys actually published a blog post on that. I saw that on Twitter and  just added it to today's weekly news roundup.

Right.

… I was really surprised to see that. It was exciting. Is that new for you to be announcing publicly like that, sharing outside of the ASF's mailing lists?

It is and it isn't. We used to do it all the time years ago. Then as we've become bigger, it's paid staff not volunteers, we're busy all the time. Blog posts got put out of the picture I guess for a while. So this really new cool feature that was provided, the code was provided by a volunteer via a GitHub pull request. And we looked at it, Daniel made some comments, the changes came backwards and forwards until it was ready to be committed the other day. And it's fantastic new features that projects keep asking us for all the time via Jira tickets. "Can you enable this? Can you check this checkbox?" It's work that we shouldn't have to be doing. So now we don't have to do it. They can just edit their own yaml file in their own GitHub repository and those GitHub features are enabled. It was worthy of a blog post.

… I was pleasantly surprised to see that. That is good. It's interesting because we often don't have enough time to do the work, put out the fires, deal with normal life. You have a family by the way, oh yeah let’s not forget that, but you also have to find time to share this sort of information with the outside world. For me, working on the Inside Infra project is amazing because not only do I get to learn about what's been going on, all these years with the ACF for me it's been kind of a black box in many instances with Infra, but I'm also hearing from outside folks who are saying, "This is great to learn," because how would we know otherwise? It's cool that you are able to share more and more however you can. I was really excited to see that blog post.

Hopefully there'll be more coming. Infra does have a blog and it's been not used as much as it should be I think.

When we publish, we'll be sure to get that out (https://blogs.apache.org/infra/). Let's talk about project requirements. Of course Apache projects have been setting the standard across countless "usual suspect" technologies: servers and Big Data and build tools and libraries and so much more. We now have incoming projects in Edge computing and IOT and blockchain and even hardware acceleration, all of which are coming in through the Incubator. Does Infra need to know anything technical about these topics in order to get the job done? Or do you just handle the back-end support and it doesn't matter what's coming, who's the project or the category they’re in? Are there instances that cause you to say, "We have to learn/do something completely different for this project"? Is there anything that's coming in that changes the way you're getting your work done?

No.

… Great; so it doesn't matter.

No, it doesn't matter. Obviously the Foundation welcomes all types of technologies coming in, and Infra provides what it needs to provide. We don't need to know the ins and outs of 300 projects' code to get our own work done. That would be impossible anyway.

But when you came in, you came in through Apache Forrest: you came in with a project. Do you look at stuff that's coming in through the Incubator, out of curiosity, are you keeping an eye on that?

I do, yes, just on a personal level I do just because it's something I like.

… Okay, so it's a curiosity thing, rather than your job depends on it.

Right.

With so much evolving in this space, if you need to learn something new, is it top-down -- someone saying, "Hey Gavin, go to Jenkins University"? How do you figure out what needs to get done, and how do you learn how to do the job? How do you close your skills gaps?

I think each team member has their own way of learning more. Obviously more needs to be learned all the time, and that could be going to the particular pieces of software's Website, having a look through their documentation. I mean when we're implementing things, we're at a vendor's Website every day of the week, you know? We use Puppet a lot: it's core to what we do. We farm out to 30 Jenkins nodes or whatever, it would all be done through Puppet. So we need to keep up with what's happening with that project. So I'm on the Puppet Website looking through the documentation all the time. New versions are coming out, new features are being enabled, and that could be something that makes things easier for us, so we can implement that from our side. I do a lot of that reading. You talk about Jenkins University. I actually have--

… That exists? I was just making that up.

Well, there is a Cloudbees university. So in my own time I've actually done half a dozen courses myself on Jenkins through Cloudbees University. I'm keeping myself up-to-date and ahead of the curve on that. It's a deep interest of mine, so in my own time I take those courses.

Do you bring it back to the team and share it with them? Or is every man for himself? Do you guys have a lunch-and-learn --"Hey on Thursdays during our weekly call we're going to discuss topic X"? Is there anything like that that happens on a bigger scale, or is it on an individual basis?

Mostly individual basis, but obviously anything that people learn is going to be shared amongst the team at some point, it's going to be "oh I learned this today". Someone could be learning from someone through a PR (pull request), you know? A new piece of code comes into our infrastructure that someone committed, then the others ... everybody looks at everybody's code. So they would look at it and go, "Oh that's neat. Didn't know that." And that's because someone has gone out and learned it from some Website or some course they've done.

Right. Plus your team is super, super close-knit. I'm sure you are like, "Hey, I found this cool thing, you got to check it out" --you're sharing things together, right?

Yes, yes, we have our own Slack channel where we talk all sorts of things. That could be new software coming out, yeah, or new ways of doing things. Or new cooking methods.

That's the thing I've been hearing: the most common thing that everyone tells me is they talk about food and drinking --not code. That's good too, because that's the fabric that connects everyone together.

You can't talk about work all the time. It doesn't matter what industry you're in. If you're in an office somewhere or you're working in a restaurant. It doesn't matter what you're doing, you're not standing there talking work all day long. You're talking about your kids or what place is a good place to go to or have you seen this, have you seen this movie. You know? We do the same talking, we just do it online.

To that end, ASF since day one has been a virtual organization: anyone can work from anywhere, there's always these great stories about people meeting each other for the first time at ApacheCon after collaborating online for 10 years. It's a really cool thing to see. And for years you've been our man in Australia. Has anything changed with that as we're growing? Obviously you're no longer in Australia, but do we need to have an Infra presence on every continent? Where are things going with this? Has anything changed, or we're still business as usual since day one, because it doesn't really matter?

There's no specific place you need to live to do this job. Obviously global coverage is a good thing to have. When I was first employed, I'm pretty sure one of the bonus points was that I was in Australia. There was that one was US-based, then there's Australia-based, so you've got a fair bit of coverage there. So somebody can sleep while the other ones can then fight those fires. With there being five or six people now, there is still a bit of a gap, but not too much. People do all sorts of hours. And I plan on going back there sometime.

… I was going to say that we're going to dispatch someone to Siberia or someplace in order to cover the timezone. But you are going to go back you think?

Yeah, at some point.

… You miss it?

Yeah. The weather is nice, and we have family there.

This is a question I've been asking everyone. What are the biggest threats that infrastructure managers need to watch out for? Not necessarily a doom-and-gloom threat kind of lightning bolt coming out of the sky, unless there is something like that to be aware of. With the pandemic there's been all these security crises and all sorts of weird stuff happening. Is there anything in general you think people in this role need to know about or watch out for? Is there any advice that you think folks should be aware of?

Oh I have no idea. The pandemic hasn't really affected me in terms of the role. I mean being an all virtual organization, I'm not sure it's affected the Infrastructure team at all on a work level.

… Remarkably with that, we remained business as usual while everybody else was scrambling trying to figure out how to cope. So I agree with you on that. Another question I ask is what would you think people would be surprised to know about ASF Infra?

I'm sure the same answer has come out of everybody's mouth. That there's only five, six of us looking after this many projects. I don't really know, yeah. There's just so few of us I guess doing this.

As there are so few of you doing it, and you think that would be surprising for people to know, how many people do you think normally should be doing this work? I'm curious about that, because I don't understand how you guys are able to do this. For me there's always this awe of how you guys are making this work as I can't figure out how.

From my perspective I don't know any different. I've not worked at Google or Microsoft or any other tech company down the road. I've not worked in offices, so I've got no comparison. I wouldn't know whether it takes 20, 30, 40 people. All I know is that we could do with a few more people to take the strain off, because we're all working hard. There's not a day we can say, "Oh there's not much today."

… Are you on a schedule? Do you have days off, or are you on some level seven days a week?

It's different for everybody. Working from home which I've done for these last 10, 11 years is I guess you get used to it. You get up in the morning and you have your coffee, then you're straight into the work. That could be 7:00, 8:00 in the morning. Then you're doing bits and pieces. You're getting some work done. Then "oh hang on a minute, I need to go to the shops," so you can take an hour or two off and go to the shops. Then you come back, then you find yourself closing your laptop at 10:00, 11:00 at night.

… From bed.

Yeah. I like to work the weekends. If I wanted to take a Tuesday, Wednesday off or something like that, I'll just take Tuesday and Wednesday off. During these pandemic times, I haven't had to do much of that.

But the flexibility is crucial and it's super helpful, because you need to keep your mindset. I mean it is very easy to go mad. You could very easily get overwhelmed with this type of workload.

You need to try your best to balance it out. I know other people that work remotely say you must have your own office at home, your own space. And the rest of the family needs to know when you're in that office you're at work.

… Daddy is not accessible. That's not realistic either, right?

No, I mean 10 minutes ago I don't know if you heard my three year old coming up to me.

… I did, and I was going to ask you if you needed to stop because I heard the little one.

My office at the moment for this interview is the dining room table. The kids are upstairs.

You partially answered the next question that I ask everyone. Which is, if you had a magic wand, what would you see happen with ASF Infra?

More staff.

… That's what you mentioned earlier without me asking, so more staff, more people. What kind of roles? More of a generalist thing, or do you need a database guy or a specific type of person?

Either of those would be nice. I mean we've got a dozen services that use databases, so we all know databases. I don't know how many of us are database admins. None of us are, I don't think. But we know enough that we need to know for our services that we run. So do we need a DB admin? I don't know. It could be that if a DB admin came along he would say or she would say, "Look at this, I can improve all this. You've been doing it wrong all these years." And maybe we have, I don't know. So you don't know you need somebody until somebody like that arrives.

Do I think we need somebody specific? Maybe another Python individual. Because we are focused on any new code that we write internally for our own benefit would be in Python. But Daniel is pretty good at that, and so is Greg.

Do we desperately need somebody like that, or do we need a generalist? Probably a generalist at this point.

… To handle the volume.

Yeah.

What's your favorite part of the job?

Interesting ... Let me think about that for a second. I think when you do something and somebody from one of the projects comes back and says, "Thanks very much. You've been a great help." I enjoy helping the projects.

I mean obviously I enjoy working on CI stuff. I enjoy maybe providing a new self-serve tool to help projects and help the team out. Various things. I enjoy the job. I've been here that long, obviously I enjoy the job. But yeah. It's nice when somebody from a community says good job. 

… Is that infrequent? I know that we tend to be very high standards and very "that's expected" mentality. Do folks scrimp with the appreciation?

Yeah. Yeah pretty much. But it does happen. I've had a few "thanks very much, you've been great". Sometimes you need to work with a project not for an hour or a day, but sometimes you might need to work with them for a few weeks on something. It might be a migration or something like that. By the end of it you say, "Okay that's done, I'm going to leave your mailing list now or leave your Slack channel," then you get a message saying, "Thanks very much, we really appreciate your work."

That's great. When you first came into the role, when you first came Infra, what was your biggest challenge?

Hard question. I don't know to be honest. I mean the people that I was working with, whether it was paid staff or volunteers, I knew them anyway because I'd been volunteering previously. I don't know of any challenges to be honest. It was moved from volunteer role to paid role. Gradually over time I got to know the people, got to know the Infrastructure layout, where things were at a technical level.

... Do you think there was any sort of attitude shift towards you when you moved towards paid? It was new then: you were one of the earlier team members. Being paid anything kind of raised an eyebrow at the time. I remember that really clearly. Did you face anything like that? Were you challenged by that?

It wasn't an issue for me. If there were any attitude changes, I didn't notice. I don't think the volunteers leaving over the following couple of years was related.

… Well people burn out. And it's a lot of work. That's the other issue: "Hey I'm here to help out, I know Apache needs help, I'll lift or I'll help raise the building or whatever," --that's one thing, but the fact that the demand is constant, you can't expect people to be spending their free time to do all this work. We do need people to be dedicated and paid for. I'm all for that. 

As you've been with us for such a long time, I'm sure there've been highlights for you. What's your proudest contribution or role or moment in this position?

That's a particularly hard question for me. I think I don't get proud over anything much to be honest. I enjoy doing what I do, but I don't have anything specific to call out. Getting my 10 year t-shirt was a proud moment, I guess.

… There you go. Are you saying that because you're shy or you're super humble?

I don't know.

… Or you're super hard on yourself? I mean there's that too: "That's it, that's all I've done." 

No, I'm not one for calling out the self. That's probably the English in me, I guess.

I appreciate you as one of the gold star participants in my Media & Analyst Training, because you've done it so many times. But I noticed that in you, and that was part of the thing I was always trying to tweeze out of you. "Oh we need to talk about ourselves," and you're like, "No." A lot of people have that tendency to downplay or just not go around "rah rahing". I have to mention that's a very American thing to do, but it happens across the industry. Whether you're interviewing for a job or talking to someone at a cocktail party or whatever. Now even more so with social media, so it's the challenge of balancing that. I want you guys to get the recognition. You are doing massive work. You guys are heroes. I know it might sound weird just to hear that, but it's true.

Yeah. Yeah. I guess. Yeah, I don't have anything to call out. I mean if somebody said to me, if I was in ... not that I've had a job interview in over a decade, but I guess that's one of those questions, isn't it? "What are you most proud of in your last role? What did you accomplish? What was your best thing that you did?" And that's why I've not been good at interviews, because I wouldn't know what to say.

… That's where that t-shirt comes into play. I survived and I thrived over 10 years.

Yeah.

That's great. What about your co-workers, how would they describe you?

You see, we just talked about how quiet I am. But on the Thursday team meetings, I probably talk the most.

… I do not believe that. How do you mean?

It's a standing joke, "Oh this week's team meeting was only 20 minutes because Gavin didn't attend," you know? But I don't waffle on, I do talk about work. It's just I've got a lot to say.

That's good. You stick to the point, you're not waffling on. All right. What else do I need to know that I haven't asked? Is there anything specific that you want to highlight, a project you're working on, an achievement, something? Anything that I'm not touching upon that's like "I need to make sure that Sally knows X"? Is there anything you haven't touched upon that we haven't discussed?

No, I don't think so. I was thinking before the call, "What are we going to talk about?" 

… Media training. There you go, you're preparing your speaking points.

Yeah. 

… Ta-da, so that's my proud achievement. I got Gavin to think about speaking points. 

Yeah. I mean yeah, as far as how the Infrastructure team are doing at the moment, are there any big things coming up? Not from me, I don't think. No.

I started thinking about this series when we were in Vegas (ApacheCon) last year. We had so many people show up at media training, I was thinking, "This is such an interesting group that no one ..." --you're not faceless, you're there, but it's so hard to discern the individual behind the group, right? And the group, like you said, is so small, so I think there is such an amazing story with you guys. And you're so integral to the Foundations actual operation. Because you're so ubiquitous, people don't think about it. And I think that's ... Maybe because I'm non-technical, for me it's this massive lift. It's like shooting a rocket up. It's incredible. So I certainly appreciate you guys. I think it's just amazing what you do, and you deserve a pat on the back and an attaboy and all sorts. I'm here to cheerlead.

Thank you.

You bet. Thank you so much. I really appreciate your time today. And thanks for doing this, and thanks for passing on the word with the team that it's not a painful experience. I'm also trying to encourage other members of the community to consider doing something like this. We do the "Success at Apache" posts, with individuals writing about themselves and their experiences. Apache wouldn't work if it weren't for the people. Right? It's all about the people. This is not from a PR perspective, but after 21 years I am always ... I keep wanting to know the same things about everyone. And I know it's not limited to me. If I'm curious, I'm sure other people are curious.

= = =

Gavin is based in the UK on UTC +0 (currently on CET). His favorite thing to drink during the workday is coffee with milk, no sugar, and consumes about 10 cups per day.

Friday November 13, 2020

The Apache News Round-up: week ending 13 November 2020

It's Friday already --the week has zipped by. Here's what happened:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 November 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - ApacheCon@Home sessions now online at https://www.youtube.com/c/TheApacheFoundation/ 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.92%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 407 Apache Committers changed 2,336,295 lines of code over 3,425 commits. Top 5 contributors, in order, are: Jarek Potiuk, Mark Miller, Andrea Cosentino, Mark Thomas, and Kaxil Naik.            

Apache Project Announcements – the latest updates by category.

Libraries --
 - Apache Log4j 2.14.0 released http://logging.apache.org/
 - Apache CXF CVE-2020-13954 Reflected XSS in the services listing page via the styleSheetPath https://s.apache.org/tsb9p


Did You Know?

- Did you know that more than 300 videos from ApacheCon@Home are now available, including keynotes, plenaries, and sessions on Big Data, Clinical Data, Community, Content Delivery, Fintech, Incubator, Integration, IoT, Machine Learning, Mobile, Observability, Search, Servers, Streaming, and more are now available? https://www.youtube.com/c/TheApacheFoundation/ 

- Did you know that Tencent uses Apache Pulsar to power federated learning with trillions of concurrent training? http://pulsar.apache.org/ 

- Did you know that the Norwegian Agency for International Cooperation and Quality Enhancement in Higher Education is powered by Apache Wicket? http://wicket.apache.org/


Apache Community Notices

- Apache Month In Review: October 2020 https://s.apache.org/Oct2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.


Friday November 06, 2020

The Apache News Round-up: week ending 6 November 2020

Welcome, November --we're opening the month with another great week. Here's what the Apache community has been up to:

The Apache Month in Review – highlights of what we've accomplished over the past month.  
 - 
October 2020 https://s.apache.org/Oct2020 

Inside Infra – the interview series featuring members of the ASF Infrastructure team.
 - Meet Gavin McDonald --Part I https://s.apache.org/InsideInfra-Gavin

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 November 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - ApacheCon@Home was a success https://s.apache.org/d3stb All sessions now online at https://www.youtube.com/c/TheApacheFoundation/ 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.77%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 401 Apache Committers changed 4,517,272 lines of code over 3,562 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Claus Ibsen, Gary Gregory, Andrea Cosentino, and Adrian Cole.      

Apache Project Announcements – the latest updates by category.

Application Performance Monitor --
 - Apache SkyWalking 8.2.0, Client JS 0.1.0, and Kubernetes Helm Chart 4.0.0 released https://skywalking.apache.org/

Big Data --
 - Apache HBase 2.3.3 released https://hbase.apache.org/
 - Apache ShardingSphere ElasticJob 3.0.0-beta released http://shardingsphere.apache.org/elasticjob/

Content --
  - Apache Jackrabbit 2.20.2 released https://jackrabbit.apache.org/

Libraries --
 - Apache Commons VFS 2.7.0 released http://commons.apache.org/proper/commons-vfs/

Natural Language Processing --
 - Apache NLPCraft 0.7.1 (incubating) released https://nlpcraft.apache.org/

Search --
 - Apache Lucene 8.7.0 and Solr 8.7.0 released http://lucene.apache.org/

Security Framework --
 - Apache Shiro 1.7.0 released https://shiro.apache.org/
 - Apache Shiro CVE-2020-17510 Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass https://s.apache.org/lxsuw

Did You Know?

- Did you know that you can support the ASF's day-to-day operations with a one-time or recurring donation? http://donate.apache.org/ 

- Did you know that Omnichannel Order Management Systems handle real-time inventory visibility and synchronization using Apache OFBiz? https://ofbiz.apache.org/

- Did you know that the Call for Presentations is open for Apache MXNet Day? Submissions are due by 16 November https://s.apache.org/4jbhx 

- Did you know that Virtual Druid Summit will be held on 18 November? See "Upcoming Events" at http://druid.apache.org/


Apache Community Notices

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday November 02, 2020

Inside Infra: Gavin McDonald --Part I

The "Inside Infra" series with members of the ASF Infrastructure team continues with Gavin McDonald, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity.



"...The Foundation itself has a responsibility to the Projects to ensure that there is solid infrastructure there. So there's got to be a requirement that there's people there all the time to maintain this infrastructure. The Infrastructure team has become more professional over the years. The Projects have become customers, I guess. Volunteers are always welcome; at Infra we still have plenty of areas in which volunteers can help out."

All right, let's get started. What is your name and how is it pronounced?

Nice and easy one. Gavin McDonald. Just McDonald as in Big Mac and fries McDonald's. It's M and C, no Mac.

When and how did you get involved with the ASF?

That was back around about 2005. I was looking for something different to do than what I was doing. And I came across the Apache Forrest Project. I knew a little bit about XML and websites and stuff like that. So I started contributing to the Apache Forrest Project. And some months later they made me a Committer.

So you first got involved with the Forrest project, then at some point you became part of infra. How did that evolution happen?

That's me looking around for more things to do. I've always been involved in and interested in system administration work. My first real communications with the Infra team was whilst working on a Forrest Solaris Zone and needed some help with it. Shortly after that I started volunteering there. 

First of all, I saw a huge number of tickets regarding mirrors, you know for our software downloads. I'd say it was probably around 150 tickets outstanding for mirrors wanting to join.

... What?!

Yeah.

... One Hundred and Fifty...

Something like that; some of them had been outstanding for quite a while. At the time there was only one person being paid. There were volunteers obviously looking after the machines and stuff like that. Mirrors were sort of lagging behind as they were less important. So that was my in. I started off with getting karma to add all the mirrors.

There was a certain standard that mirrors have to have, certain configurations. So I was going backwards and forwards with the mirror providers and making sure they were up to scratch, then adding them into our configuration.

From then, I introduced BuildBot to Infrastructure. And I think maybe a year after that, this is now talking 2009, a position opened. I think more or less the rest of the Infrastructure volunteers said, "Gavin is doing the job anyway. Let's give it to him."

That was my interview.

Around October, November 2009 I became paid staff.

Are you the longest serving member of the current Infra team?

Yes. Last year at ApacheCon I got presented with a 10 year t-shirt. Next time there's a physical conference I'll be bringing it along.

10 years thumbs up: that's good! Explain the structure of the Infra team and your role in it.

There are six of us, plus Greg (Stein), our Infra Admin, and David (Nalley), VP Infra. One of them is a documentation guy, that's Andrew (Wetmore). The rest of us all various system administration devops work. We look through tickets, what's needed to be done, and obviously we're looking to improve our infrastructure uptime and software and updates. So we all do what's needed, basically. Everyone has various roles.

What's your role?

Well it's a bit of everything, I think. I have been concentrating quite a lot on the CI/CD side of things. That was written into my original contract, which is now not part of the contract. Basically that means the whole entire time I've been here, I've been involved in BuildBot and Jenkins and other CI/CD stuff, and I've been doing a lot of that lately as well. Migrating Jenkins over to new Cloudbees software, and on a whole load of VMs, mainly in AWS.

You mention that CI/CD is a key part of your role. Is that what you're specifically responsible for within Infra? Are you "the CI guy"? Are there other things you do? Everyone says to me, "Hey we do everything." That sounds amazing, but how is that possible? Do you do everything else in addition to the CI work?

Yeah pretty much. Yeah. Everyone can do pretty much everything that we touch on. Some just choose to do certain things that they're more capable of or more used to working with or they like it better. Nobody is told, "You're working on this."

That's interesting. Fill that part in: if there's six things that need to get done, but five of you are actually hands-on sysadmins, so you guys do what you like to do or what you prefer to do? No one says, "Okay you go handle that mail server"? How does it work?

Obviously there's 24 hours in a day and there's people all around the world. If there's an emergency going on or a mail server breaks down or something needs doing, then whoever's around at the time would step up and say, "Okay I'll take a look at that."

So everyone's pitching in --it's not, "Hey I'm not going to do it. Wait for ‘the mail server guy’."

No, no. Obviously I'm sort of known for the Jenkins and BuildBot stuff, but if I'm not around, everyone else can just jump in and get on with it.

So how did you become the Jenkins guy? How did you get to be the BuildBot guy? You were saying earlier that you kind of evolved into it because it was needed, but is this something that you've personally had interest in to start? Or is it just, "Hey there's a fire here, I need to put it out," and it became this cellular memory, a habit, it's now your thing.

I think a little bit of both. I started off introducing BuildBot not long after I started. Jenkins had already been going a little bit at that time, but I've been involved in that also since the start. And it's over the years become more important to projects. Back when it started, it was a nice-to-have sort of thing. There was none of this pipelines, and CI wasn't an integral part of releases, whereas these days it's more and more a requirement. Jenkins and BuildBot have gone from second-class citizens, if you like, to one of our core services that needs to be kept on top of all the time. It's one of the most important aspects of our infrastructure for projects. There's a great demand for it. And it's increasing all the time.

That's interesting to see it go from a supporting role to the lead demand. That's been what, over 11 years now?

Yeah, 11 years.

In earlier interviews, I spoke to Chris and Drew and Greg and Daniel (Infra team members Chris Thistlethwaite, Drew Foulks, Infra Administrator Greg Stein, and Daniel Gruno) and they've all given me their perspectives on the many areas that infra is involved with. Tell me about the scope of the work that you guys do, and how is it different from other Open Source foundations?

Not sure how I can answer that. I'm not involved in any other Open Source foundations.

Okay, well tell me how does Infra operate at the ASF? You support the Foundation, you support projects. How do you help?

We have, as you know, over 300 projects. Each of those requires a Website, each of those requires an area for their code, whether that be Subversion or Git. We obviously over the last couple of years have been more involved in supporting GitHub for Projects. And we have the Confluence wiki and Jira for the issue trackers. So all of the services that they need to operate as an Apache Project is what we offer them.

So every project needs a Website, as you said. Each Apache Project is responsible for their code, their communications, and their community. So they run their own Website, but Infra handles the backend? What is it that you do for them?

Yes, we handle the backend. We've got Web servers that all the Websites get published on, but they write their Website content, and that could be written in many different languages. So we support them being able to provide their Website content in whatever manner they want. This could be just plain HTML, it could be compiled in Maven or in Pelican, there's a million different things. GitHub pages. So we provide the publishing methods for them to be able to go from there ... most projects these days just want to be able to commit a change and leave it at that. Then that change automatically gets published to the Web via automated mechanisms at the backend, you know? We watch for a commit. That could be via a gitpubsub, could be via Jenkins, via BuildBot, GitHub Actions, all of these methods. We'll see a commit, and it'll publish it and build it if necessary before publishing. So they just commit a change and leave it at that.

So the magic that's associated with that automation, is that something you guys are building to support them? Or is it something that pre-exists? How are you integrating all these different languages or platforms? How is this happening?

Well, software like Jenkins and BuildBot ... those mechanisms we can provide pre-built code to watch their repositories for commits to their Website repository. It'll automatically build it, and then it'll push it to the websites. There's also recently GitHub actions will also, instead of being on Jenkins or BuildBot or Travis or any of those, GitHub actions will take a commit straight out of the GitHub repository. It'll do the building of the Website, then it'll push it to usually what's called an asf-site branch. And then we pick it up from there and publish it. The actual GitHub actions code themselves is written by the projects. So that's self-serve.

If there is a fail for that commit, who fixes it? Is it the Project’s responsibility or is that your responsibility? Who's under the hood dealing with that?

It depends. If it's a coding error, then it's theirs, the Projects. If there's some kind of hardware failure, or if there's a piece of software gone down, communications error, yeah, it's up to us to track that down and find out what happened.

I'm understanding a trend here. If you go to other foundation sites, they seem more “corporate” in the sense that everyone's site looks, feels, and performs the same way, they operate the same way and they tend to be under the same infrastructure altogether, right? They're not using 50 different CMS's.

Right.

... That in itself is highly unusual.

Oh okay, yeah. We don't mandate how projects make their Website look, or we don't mandate how they must build it.

That in itself, the autonomy to do what works best for the Project, I think is highly unusual.

Okay. That's good to know.

In terms of ASF Infra and other foundations, you guys don't sit together and compare notes or talk to each other or anything. A lot of groups copy us, so I presume there's little interaction other than socially, right? I didn't know if there was, "Hey, Linux Foundation does that. We should do the same thing," kind of thing. The ASF does its thing and so be it. 

As far as I know, we have no interest in what other people are doing in terms of how they do things. We do things how we think it's best to do them for us and our Projects, how it works best for us. Whether other team members go off and have a look at how other foundations are doing things, I don't know. But I don't.

... Uniquely Apache.

Yeah.

In terms of services, what's the difference between what you offer for individual Apache Projects and their communities versus Foundation-level initiatives? I presume there's a difference --is the majority of your work serving the Projects? What's the percentage of work that you do that's for the Foundation versus Projects? Is it all for Projects? Or is it all considered one thing.

I don't really see a difference. All the work that needs doing is for the Project or Foundations as a whole. It's all the same to me.

What about incubating projects? Do they have special needs or requirements? How do you support them?

Not really unless they're coming into the Incubator with something they've always used that we don't do. Then we would look at that and decide whether it's something we can do for them or not. There's been a few projects that come in like maybe OpenOffice in 2011.

That was exactly in my head in terms of pre-existing groups that have pre-existing infrastructure. OpenOffice was a whole community altogether in a completely different way. How did Infra support them? What did you do? I knew that there were some issues with the codebase and licensing. What else did you do to support that project?

Oh that was a while ago.

... That's fine, I was just curious as to what you guys did. I just remember it was a huge lift from everybody, from all sides. Licensing and code and every aspect of that project coming in seemed to me to be very, very, very challenging, but we got through it. So that's great.

I know there was a lot of work bringing the code in, and not just from the licensing perspective, but also it was an enormous amount of code that needed to come in. I don't know whether they were in Subversion beforehand, but we provided them their space in Subversion and their Website space. I think a lot of the work was done by the project themselves.

Wow, wow. That was a lot of work. How do you handle Projects or communities that make unreasonable demands from the team? How do you guys deal with that?

There are some projects ask more of Infra than others. Some we never hear from at all. There's kind of a fine balance. Projects that are fairly new, we probably spend a bit more time with them helping them out, making sure they get all set up. They may ask new things, there may be some initial push backs, then all of a sudden there's another two or three projects interested in the same thing. So then we have to take a serious look and decide whether that's something we need to support ongoing.

We do get each of the team members I'm sure gets private PMs on Slack and emails and stuff like, "Hey, can you help me out with this?" Or whatever. Sometimes you just do it. But we're sort of encouraged to ask them to go through the proper channels via a Jira ticket or email to the appropriate list.

Not to name names, but have any Project's expectations been so unusual or so out of scope that it shocked you guys? Have you had situations where it's just been absolute, where you guys have been floored by it?

There's been maybe one or two projects that have just been incessant in their demands on Infra, as if we were their personal team. But we deal with it as in, "okay, slow down, what do you need? File a ticket." If they keep going on and on and on, then obviously we've got escalation levels. We can say, "Hang on," and we can pass that onto our boss and say these are being a bit unreasonable.

For those "colicky baby" types of projects, I've been hearing more and more about additional services being offered through Self-Serve. Are these guys able to take on Self-Serve and go, "Yeah that works for us and we'll do it." Have they been able to kind of self-satiate their needs, or has it always been "Infra do it for us"? How successful has Self-Serve been in terms of wicking away demand?

It's been hugely successful. You're referring to selfserve.apache.org: we introduced that three-four years ago maybe. It was a way to ... help the projects help themselves so they don't have to wait for Infra, because they know Infra is busy. Sometimes waiting two or three days for something is ... from their side of things they're like, "It's been two or three days. Still hasn't been done." But from our side of things, "it's only been open two or three days, what are they worried about?"

... "You're in the queue, wait."

Yeah: self-serve was introduced as a way for them to help them, and also it helps us, there's an awful lot of tickets now that don't get filed because of that. They can create their own Jira Project. They can create their own Confluence wiki. They can create their own Git repositories. 

... On their own completely? Without intervention, without "mother may I?", anything? They just go do it?

Yep. There's an awful lot that they can do on their own. And we introduce more self-serve things all the time that otherwise we'd have hundreds more tickets if they weren't able to do that on their own. They can create their own mailing list now: they don't need us.

Do you have to be a PMC member to do that? Can any Committer can do that? Who gets to administer these types of services for projects?

I believe some of the self serve options are PMC chair, and others are PMC members.

… So not just some person who's like, "Hey I'm committing code, I'm going to go and futz around with the site and break something."

Yeah, no.

That's good. Controls obviously are necessary. This is terrific: what a huge difference.

Yeah definitely.

We've got hundreds of projects that have successfully incubated and graduated under the Apache banner. How do you guys develop new products and services to help support that innovation? We get all sorts of projects coming into the Foundation. Going back to OpenOffice as an example, we've never had a project like this of that scale, and consumer-facing. There were so many different things about that that was so unique, and yet we said, "Yeah you're part of the Foundation, you're coming in, you're part of the family."

Yeah.

We’ve had to adapt as we grow. Is there a way for you guys in anticipation ... feel like you need to have a different type of runway in order to accommodate new projects coming to the ASF? Or do you deal with it as it comes along?

Infra is not in control of what projects come to the Foundation. We don't have a say in that. When a project comes to the foundation and they have different requirements, then that's when we get to know about it. And we would deal with it appropriately then.

Obviously there's growth and we know that there's going to be more and more projects coming to the ASF all the time. So we anticipate growth as such.

… So you are setting yourselves up to accommodate more growth, not specifically a matter of "we need more Jenkins" or whatever.

Right. I mean whatever it is that we are looking after, we need to know that that particular service is going to be able to connect with growth.

Got it. How many requests do you receive a day? In general in terms of what constitutes "hey we're slammed" versus a regular day of "we've got 40 things in the hopper", that's normal? What's the volume that you are dealing with?

I want to give you a figure as far as Jira is concerned, which is only one aspect of the things that we handle. Not everything is done by Jira tickets. But I'd say on an average month, we probably get between 150 to 200 tickets a month.

I've been on the Infra channel on Slack, and it's constant. It's nonstop.

Yeah.

Explain to me a typical workday. How do you manage between "hey I'm focused on a long-term project, this new request is coming in, Sally's hair is on fire because she needs help with a mailing list" and whatever else is going on? There's just constant demand on you guys. How do you not go crazy? How do you manage this?

We just get used to it, I guess. Obviously each individual handles their own time in their own way. At any one time there could be one, two, or all of us could be on Slack. So as requests come in on Slack, if it's a two minute, five minute job, we might just say, "Okay, all right, I'll sort that out for you now." Or if we feel it's going to be a little bit more in depth then we say, "Okay file a Jira ticket." Then one of us can pick that ticket up and take a look at it.

We do get people pinging individuals on Slack saying, "Can you help me with this?" Or whatever. Which is often negative to them in a way that they're narrowing their scope of help they can receive by targeting a specific individual. That person might be extremely busy for the next four or five hours, day and a half, whatever it is. And there's another four or five people that could help them with that question.

Typical day, obviously you get up, you check your emails, you see what's urgent, are there any fires to fight straightaway. You go on Slack, that stays open all day. As requests come in, you check Slack all day long. That's just one of those things. You check your tickets, your Jira tickets, what needs doing today, what can wait, or if you've got plenty of time then even the ones that can wait get done.

Whatever order you feel is most important. Then yes, everyone's got longer-term projects on. So myself personally, if I can spend a day or two on a long-term project, then get back to doing tickets, it's the way it is. If there's a lot going on in ticket land, then your project gets put on hold. If something breaks down ... The other week we had to move our Jira server because the hardware broke, so on a Sunday things broke down. Quickly fire up a new server and move everything across. Not sure anybody noticed, which is a good thing.

That's always a good thing. Business as usual, no one knows. With all this stuff coming at you and servers breaking down on the weekends, et cetera, how do you keep everything organized?

It depends on the day, I guess. Some days are good, some days are ... some days you can't see your hand in front of your face for things going on. Each day as it comes. There's no plan. I don't plan what I'm doing tomorrow. If there's a long-term project and I think things have slowed down, projects aren't asking for things, tickets are coming in slowly, I think I'll get on with my project tomorrow. Then you wake up tomorrow and something different happens. There's no real plan.

You don't use any special tools to keep your work checklist in order or anything like that other than the Jira? 

I tried to use various products over the years. You've got Trello and these other kanban board type things. You actually got to open it up and fill it out, haven't you?

It's so interesting you say that because I think some people find that structured way of working extremely efficient, then it's exactly that solution for them. Spending the time to actually do it is taking away from doing other things ... so I don't know if that works for everyone.

It doesn't work for me. I did start one of these boards, but it doesn't fit in with the job. You've got ... "okay, this has got to be finished in three weeks, this has got to be finished in two days." And it sends you reminders and emails and this and that. I mean there is no time limits on things. We're not a software project. We don't have to release something next week.

… True, you don't have hard delivery dates.

Like you say, time is taken away by filling out these things that are supposed to help you organize. So I just don't do it anymore.

Do you have other challenges with that? Balancing everything and getting everything done?

No, feeling okay. I mean I'm still here.

That t-shirt is evidence, that's true. Since Day One, the ASF has been known for creating their own rules for success. They're like, "We're going to do it our way," right? And Infra --even before there was an official infra-- played an important role. You can't exist without that kind of support. How has --and you've been with the Foundation long enough to see patterns and changes --how has infra changed over the years?

Good question. When I officially came onboard as a contractor, I was the second contractor at the time. And everybody else was a volunteer. There were quite a few volunteers. And they were there a lot. At least a dozen people that were active as infrastructure volunteers, even though they knew that there were two people getting paid to do the same thing, they were still there. Still volunteering.

Over the years, things have gotten a bit more professional, I guess. The service requirements have become more of a professional level. Down time is ... years ago if something was down for a couple of hours, it was like "there were just volunteers that are handling it. They'll get to it when they can". But as more and more paid staff had come onboard, to a grand total of six, a reverse happened with volunteers. They've mostly gone. You've got now maybe two or three volunteers that have stuck around and been around for a while. Because there's paid staff doing it. It's changed as in "who wants to volunteer for something when there's people being paid to do it?"

Was this shift proactive or reactive? Was it a matter of the demand coming from a Project and for us to go, "Well we better change this," or was it a matter of we're feeling like we're having volunteer burnout or whatever and we need to make this a more professionally oriented organization? Do you recall how this shift happened?

It happened gradually over the years. As the Foundation grew, more projects came in, more hardware was required, more services are required, more hands-on time is required. So you increase the staff one by one to handle this. Then I think over time as volunteers start dwindling away, due to the fact that there's people getting paid to do it.

That's one aspect. The Foundation itself has a responsibility to the Projects to ensure that there is solid infrastructure there. So there's got to be a requirement that there's people there all the time to maintain this infrastructure. The Infrastructure team has become more professional over the years. The Projects have become customers, I guess. Volunteers are always welcome; at Infra we still have plenty of areas in which volunteers can help out. And, we don't bite!

Obviously the SLA is related to that shift too. They're becoming customers versus "we're all in it together and everybody figure out how to make it work". I'm sure the expectations also were higher, right? Because now you have a team, what's your excuse for not getting it done?

Right.

[END OF PART ONE]

Sunday November 01, 2020

Apache Month in Review: October 2020

Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in October:

New this month --

 - ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
   -- ApacheCon@Home 2020 was a huge success https://blogs.apache.org/conferences/entry/apachecon-home-2020-was-a
   -- All sessions, including Plenaries and Keynotes from ApacheCon@Home are available https://www.youtube.com/c/TheApacheFoundation/

 - Apache Software Foundation Operations Summary: Q1 FY2021 (May - July 2020) https://s.apache.org/2mefr

 - The Apache Software Foundation Celebrates 20 Years of OpenOffice https://s.apache.org/86lex

 - "Inside Infra" – the interview series featuring members of the ASF Infrastructure team
   -- Daniel Gruno --Part II https://s.apache.org/InsideInfra-Daniel2

 - Apache Month in Review: September 2020 https://s.apache.org/Sep2020


Important Dates --

  - Next Board Meeting: 18 November 2020. Board calendar and minutes http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in October was 100%. http://www.apache.org/uptime/

Committer Activity --

In October, 789 Apache Committers changed 12,272,284 lines of code over 15,524 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Claus Ibsen, Mark Miller, Mark Thomas, and Andi Huber.

Project Releases and Updates --

New releases from Apache Ant (Build Management); Any23 (Content); Arrow (Big Data); APISIX (API); BookKeeper (Big Data); Calcite (Big Data); Camel (Integration); Commons DBCP (Libraries); Commons NET (Libraries); Commons Pool (Libraries); Druid (Big Data); Flink (Big Data); Groovy (Programming Languages); Hadoop (Big Data); HBase (Big Data); HttpComponents Client (Servers); Ignite (Data Management Platform); Jackrabbit (Content); Kylin (Big Data); Lucene (Search); NiFi (Big Data); Oak (Content); OpenMeetings (Web Conferencing); Pulsar (Messaging); Qpid Broker (Messaging); Skywalking (Application Performance Management); Solr (Search); Struts (Web Frameworks); Tomcat (Servers); Tuweni (Blockchain); Wicket (Web Frameworks); XMLBeans (Library).

The Apache Incubator is the primary entry path for projects we invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . New releases from incubating podlings include: Apache Teaclave (Incubating; Computing); StreamPipes (Incubating; IoT); TVM (Incubating; Machine Learning).

# # #

To see our Weekly News Round-ups, visit https://blogs.apache.org/foundation/ and click on the calendar in the upper-right side (published every Friday) or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. We appreciate your support!

Friday October 30, 2020

The Apache News Round-up: week ending 30 October 2020

Farewell, October --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Operations Summary: Q1 FY2021 (May - July 2020) https://s.apache.org/2mefr
 - Next Board Meeting: 18 November 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - ApacheCon@Home was a success https://s.apache.org/d3stb All sessions now online at https://www.youtube.com/c/TheApacheFoundation/ 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 391 Apache Committers changed 3,264,512 lines of code over 3,468 commits. Top 5 contributors, in order, are: Robert Scholte, Andrea Cosentino, Gary Gregory, Mykola Bodnar, and Kaxil Naik.  

Apache Project Announcements – the latest updates by category.

API --
 - Apache APISIX 2.0 released https://apisix.apache.org/

Application Performance Monitor --
 - Apache SkyWalking Nginx LUA 0.3.0 released https://skywalking.apache.org/

Blockchain --
 - Apache Tuweni (Incubating) 1.2.0 released https://tuweni.apache.org/

Data Management Platform --
 - Apache Ignite 2.9.0 released http://ignite.apache.org/

IoT --
 - Apache StreamPipes (Incubating) 0.67.0 released https://streampipes.apache.org/

Did You Know?

- Did you know that Oak Ridge National Laboratory uses Apache Spark and Parquet to solve high-performance computing solutions on some of the world's fastest supercomputers? https://youtu.be/b5fpiDzScRU 

- Did you know that Orange's media center is powered by Apache Wicket? http://wicket.apache.org/

- Did you know that "Success at Apache" features the personal and project perspectives on the people and processes behind why Apache "just works"? Contributions accepted by all ASF Committers! https://blogs.apache.org/foundation/category/SuccessAtApache

Apache Community Notices

- Apache Month In Review: September 2020 https://s.apache.org/Sep2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Friday October 23, 2020

The Apache News Round-up: week ending 23 October 2020

And it's Friday! Let's take a look at what the Apache community has been up to over the past week:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Operations Summary: Q1 FY2021 (May - July 2020) https://s.apache.org/2mefr
 - Next Board Meeting: 18 November 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - All sessions, including Plenaries and Keynotes from ApacheCon@Home are available https://www.youtube.com/c/TheApacheFoundation/ 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.86%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 380 Apache Committers changed 2,506,459 lines of code over 3,325 commits. Top 5 contributors, in order, are: Andrea Cosentino, Claus Ibsen, Andi Huber, Łukasz Dywicki, and Mark Miller.    

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Druid 0.20.0 released https://druid.apache.org/
 - Apache Kylin 3.1.1 released https://kylin.apache.org/
 - Apache Arrow 2.0.0 released https://arrow.apache.org/
 - Apache NiFi Registry 0.8.0 released https://nifi.apache.org/registry.html
 - Apache BookKeeper 4.11.1 released http://bookkeeper.apache.org
 - Apache Hadoop CVE-2018-11764 Privilege escalation in web endpoint https://s.apache.org/jjdpq

Blockchain --
 - Apache Tuweni (Incubating) 1.2.0 released https://tuweni.apache.org/

Content --
  - Apache Jackrabbit 2.21.4 released https://jackrabbit.apache.org/

Integration --
 - Apache Camel 3.6.0 released https://camel.apache.org/

Library --
 - Apache XMLBeans 4.0.0 released  https://xmlbeans.apache.org/
 - Apache Commons Net 3.7.2 released https://commons.apache.org/proper/commons-net/

Messaging --
 - Apache Qpid Broker J 7.1.10 and J 8.0.2 released https://qpid.apache.org/


Did You Know?

- Did you know that the ASF Infrastructure team have added more self-serve features to .asf.yaml? https://blogs.apache.org/infra/entry/even-more-github-features-added

- Did you know that Salesforce uses Apache Druid as their real-time analytical database to store application performance metrics extracted from billions to trillions of log lines per day? http://druid.apache.org/ 

- Did you know that the Apache OFBiz community is deliberating deployment on AWS production environments? http://s.apache.org/yvu54

Apache Community Notices

- Apache Month In Review: September 2020 https://s.apache.org/Sep2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Friday October 16, 2020

The Apache News Round-up: week ending 16 October 2020

Happy Friday! Let's take a look at what the Apache community has been up to over the past week:

Inside Infra – the interview series featuring members of the ASF Infrastructure team.
 - Meet Daniel Gruno --Part II https://s.apache.org/InsideInfra-Daniel2

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Operations Summary: Q1 FY2021 (May - July 2020) https://s.apache.org/2mefr
 - Next Board Meeting: 21 October 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - Our first online event was a huge success https://blogs.apache.org/conferences/entry/apachecon-home-2020-was-a 
 - Plenaries, Keynotes, and dozens of sessions are now available at https://www.youtube.com/c/TheApacheFoundation/ 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.93%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 396 Apache Committers changed 3,610,614 lines of code over 3,602 commits. Top 5 contributors, in order, are: Andrea Cosentino, Cedric Champeau, Mark Thomas, Claus Ibsen, and Jarek Potiuk.  

Apache Project Announcements – the latest updates by category.

Application Performance Monitor --
 - Apache SkyWalking CLI 0.4.0 released https://skywalking.apache.org/

Computing --
 - Apache Teaclave (incubating) 0.1.0 released https://teaclave.apache.org/

Content --
 - The Apache Software Foundation Celebrates 20 Years of OpenOffice® https://s.apache.org/86lex
 - Apache Jackrabbit Oak 1.22.5 released https://jackrabbit.apache.org/

Machine Learning --
 - Apache TVM (Incubating) 0.7.0 released https://tvm.apache.org/

Search --
 - Apache Solr CVE-2020-13957 The checks added to unauthenticated configset uploads in Apache Solr can be circumvented https://s.apache.org/9nmgo

Servers --
 - Apache Tomcat 8.5.59, 9.0.39, 10.0.0-M9 released https://tomcat.apache.org/
 - Apache Tomcat CVE-2020-13943 HTTP/2 Request mix-up https://s.apache.org/9rw62

Web Frameworks --
 - Apache Wicket 9.1.0 released https://wicket.apache.org/


Did You Know?

- Did you know that Apache Roadshow China will be held online 24-25 October, alongside COSCon 2020? https://programmersought.com/article/65545569898/ 

- Did you know that members of the Apache community will be presenting at All Things Open, being held online 19-20 October? https://2020.allthingsopen.org/  

- Did you know that members of the Apache Ignite community will be presenting at the In-Memory Computing Virtual Conference 2020, being held 28-29 October? https://www.imcsummit.org/2020/virtual/

- Did you know that members of the Apache Pulsar community will be presenting at Pulsar Summit, being held online 28-29 November? https://pulsar-summit.org/en/event/asia-2020


Apache Community Notices

- Apache Month In Review: September 2020 https://s.apache.org/Sep2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Christ Thistlethwaite https://s.apache.org/InsideInfra-Chris | Drew Foulks https://s.apache.org/InsideInfra-Drew | Greg Stein Part I https://s.apache.org/InsideInfra-Greg , Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 | Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday October 12, 2020

The Apache Software Foundation Operations Summary: 1 May - 31 July 2020

FOUNDATION OPERATIONS SUMMARY

First Quarter, Fiscal Year 2021 (May - July 2020)

"This Foundation has survived more than two decades of change in the software industry and is stronger now than ever before."
Roy Fielding, ASF co-Founder and Chairman


> Conferences and 
Events http://apachecon.com/

During the report period, the Conferences team has been working hard on ApacheCon @Home 2020, which will be the 33rd ApacheCon. Apachecon @Home will feature content from 27 different Apache project communities, including Big Data, Machine Learning, Royale, Pulsar, Tomcat, Geospatial, Community, Camel, and many others. We will also be featuring content in Asia-centric timezones, and, for the first time ever, content in Mandarin, German, and Spanish language.

ApacheCon @Home 2020 will feature keynotes by Thomas Huang (NASA), Camille Fournier (Author) and Edmon Begoli and Josh Arnold (Oak Ridge National Labs).

This event will be our first 100% online edition of ApacheCon, which makes it available for people in every time zone, many of whom have never been able to travel to ApacheCon before. We expect to have more than 2000 attendees, making it the largest ApacheCon ever.

You can learn more about Apachecon (and register!) at https://apachecon.com/acah2020

> Community Development http://community.apache.org/

Throughout this quarter we have been adapting our approach to help mitigate the impact of Covid-19 on our activities. With the changeover of ApacheCon to an online conference (ApacheCon@Home) we have been busy working with the conference team to ensure a good transition. As usual we participated in the ApacheCon@Home CFP and had attracted a lot of submissions. We had enough proposals to plan a 3 day Community track running over two timezones. To help support our global audience it will also the first time that we will be presenting content in languages other than English.

We are also planning to have an online booth available at the event and are currently deciding on the type of activities that we can do remotely that will still generate the feeling of community.

During this quarter we have also kickstarted our podcast platform Feathercast again as a tool for promoting Apache projects. Our objective is to have a podcast created for every Apache project. An initial request was sent out for people to be interviewed about their project. There has been a lot of interest and feedback has been very positive. Currently 12 interviews have been completed and featured on Feathercast. We hope that this will continue to increase.

The Apache Local Community (ALC) initiative is still growing and thanks to Kenneth Paskett from the Central Services team, we now have branding for the ALC chapters that can be customised for each location. The branding helps strengthen the Apache brand locally. ALC Beijing held their first meetup and ALC Indore have held two webinars and will be presenting a range of talks in Hindi for ApacheCon@Home.

Our GSoC student evaluations were completed on schedule and our mentors contine to work with their selected students.

Our mailing list has seen a decrease in traffic compared to the previous quarter, probably due to the holiday season. We do expect to see increased activity levels as we build up to ApacheCon@Home in September.

> Committers and Contributions http://apache.org/licenses/contributor-agreements.html

Over the past quarter, 1,252 contributors committed 41,706 changes that amount to 13,946,950 lines of code across Apache projects. The top 5 contributors, in order, were: Andrea Cosentino (1,013 commits), Gary Gregory (817 commits), Jean-Baptiste Onofré (715 commits), Sebb (614 commits), and Xiaoxiang Yu (537 commits).


All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF.

During Q1 FY2021, the ASF Secretary processed 171 ICLAs, 7 CCLAs, and 1 Software Grant. History of Apache committer growth can be seen at https://projects.apache.org/timelines.html

> Brand Management http://apache.org/foundation/marks/

Operations —the work of the Brand Management team falls broadly into one of three categories:

- trademark transfers and registrations
- granting permission to use our marks
- addressing potential infringements of our marks

The volume of work has remained steady this quarter. Registrations and transfers are lengthy processes but the tracking system we have put in place remains up to the task.

This quarter has seen the usual collection of requests to use Apache marks for user groups, events, merchandise and publications with nearly all requests being granted, subject to our Trademark Usage Policy.

The impact of COVID-19 has seen many events move on-line. Those events that had previously requested to use our marks have been updating their requests to reflect the new event format and often changes in timing. As with in-person events we work with the organisers and the ASF Conferences team to minimise scheduling conflicts.

Registrations —this quarter was a busy one for completing registrations where we saw five registrations complete including the registration of APACHE in the EU.

One registration was up for renewal this quarter and, after reviewing it with the relevant PMC we opted not to renew it.

Some registrations, particularly those outside the US, tend to be more complex. This quarter some of our registrations in China have continued to require additional work to help them progress.

Infringements Potential infringements are brought to our attention from both internal and external sources. The majority of infringements we see are accidental and our project communities are able to resolve these quickly and informally with occasional input from the Brand Management team. A small number of issues take longer to resolve. We made progress on some of these this quarter and hope that that progress will continue next quarter.

This quarter a number of issues were reported to us relating to products using our marks being sold through various online stores. We have started to engage with the stores in question to resolve the issues.

And finally…

The Brand Management team welcomes your comments and suggestions as well as any questions you might have. Please see https://www.apache.org/foundation/marks/contact for our contact details.

> Security http://apache.org/security/

We continued to work on handling incoming security issues, keeping projects reminded of their outstanding issues, allocation of CVE names, and other general oversight and advice.

For Q1 we tracked 132 new vulnerability reports across 57 projects. (Q1 last year for comparison was 92 reports). Those reports led to 40 published CVE vulnerabilities.


> Privacy http://apache.org/foundation/policies/privacy.html

No other issues have been raised till the last report.

The issue with the Apache Status page https://status.apache.org/ remains unresolved.

Due to the new ruling Schrems-II (as reported recently) the use of Google Analytics may be problematic. Instead, Apache Infra offers log analytics which may fit most projects. We will provide some docs on the available logs and will try to find a way to communicate this to our PMCs.

Also, Privacy needs to check Apache Whimsy for privacy concerns.


> Infrastructure http://apache.org/dev/infrastructure.html

This quarter has been quite normal for Infrastructure, despite the pandemic affecting our world. Since the Foundation does not have a central office, our staff works entirely from home and were able to remain safe and healthy. We do not sell any products, so there has been no economic-based reduction in what Infrastructure provides: services for our many communities. The team has continued its work at our regular breakneck speed and low-cost posture. Our planned meetup at ApacheCon North America was impacted, however, so we hope that 2021 will provide an opportunity for our team to gather together again.

Our Jenkins installation has seen a lot of work this quarter, as have migrated communities over to our CloudBees Operation Center installation. In particular, we now have multiple Jenkins Master instances to help those communities manage their donated Jenkins nodes (eg. the nodes donated to Apache Hadoop, or Apache Beam). One Jenkins cluster will continue as a shared resource for the Foundation as a whole.

The latest and greatest new feature for our communities is a tool we call "asf.yaml", enabling projects to self-manage many facets of their project: website publishing, Jira integration, mailing list notifications for different types of events, and GitHub metadata. These features used to require projects to file work tickets for simple, routine tweaks of their workflows.

A fun thing for our team as been Marketing and Public Relations' new "Inside Infra" blog series. We have been supporting that effort to provide an inside and a "human face" on our otherwise-opaque set of activities on the team.

Our regular activities continue with improving our release archive service, migrating to newer Ubuntu and puppet systems, hardening our GitHub integration, and getting our email system migrated to newer and more manageable servers.

> Treasury and Financial Statement --map against https://s.apache.org/FY2019AnnualReport

The Foundation is in excellent fiscal shape with all tax and compliance forms filed on time. Latest public filings can be found at http://www.apache.org/foundation/records/ . I have advised that officers minimize expenses until there is more certainty in global economic outlooks.  Officers have done so by delaying new investments.  This combined with a reduction in travel costs from conferences has made it possible for us to significantly reduce costs without reducing our service level to our projects.

In the last quarter we also completed our transition to accounts payable approvals via bill.com.  This has vastly improved the accuracy and auditability of our vendor payments and reduced the level of expertise required of the volunteers and staff who manage vendor payments.

The majority of our cash remains in a CDARS account at Boston Private which provides FDIC insurance for the full amount. See below for income and expenses:


Income and Expenses for Q1 FY 2021




Apache Software Foundation






Q1 FY 21





Income Summary:





Public Donations

$ 9,405




Sponsorship Program

$ 262,048




Interest Income

$ 351



Total Income

$ 271,804





Expense Summary





Infrastructure

$ 195,414




Programs Expense

$ 90




Publicity

$ 133,185




Brand Management

$ 29,468




Conferences

$ 29,757




Travel Assistance Committee

$ -




Fundraising

$ 49,095




Privacy

$ -




Treasury Services

$ 10,321




General & Administrative

$ 1,413




Diversity and Inclusion

$ -



Total Expense

$ 448,743

Net Income

$ (176,939)



> Fundraising
 http://apache.org/foundation/contributing.html

Although we find ourselves in unprecedented times, we are happy to report that Fundraising for the foundation continues operating well. We have seen only a few changes in sponsorships with a Platinum sponsor renewing at the Gold level, a Gold sponsor renewing to the Platinum level, a Silver sponsor renewing at the Gold level, and two Silver sponsors unable to renew. Despite the trying times of this pandemic, we are again humbled and honored by our Sponsors' continued support!

This quarter we finished a long-running effort to normalize all sponsorship links on our Thanks page with the rel="sponsored" tag. This is in support of popular webmaster best-practices announced last year which we broadcast as our go-forward model in November of last year.

Fundraising support for ApacheCon @Home launched this quarter with excellent interest. At the close of the quarter, we were pleased to not only see several returning sponsors, but several new sponsors for the ApacheCon events.

In addition to the generous support of our corporate sponsors, we were honored to have received more than $4,000 USD through individual giving to the foundation. Part of this was driven by participation in the #GivingTuesdayNOW COVID-focused giving campaign. We were also awarded a distribution from the UPLIFT! initiative led by FOSS Responders.

As always, we are immensely thankful to our sponsors, who make it possible for our communities to build world-changing software

PLATINUM: Amazon Web Services, Comcast, Facebook, Google, LeaseWeb, Pineapple Fund, Verizon Media, Tencent

GOLD: Anonymous, ARM, Bloomberg, Cloudera, Handshake, Huawei, IBM, Indeed, Union Investment, Workday

SILVER: Aetna, Alibaba Cloud Computing, Baidu, Budget Direct, Capital One, Cerner, Inspur, Red Hat, Target

BRONZE: Airport Rentals, The Blog Starter, Bookmakers, Cash Store, Bestecasinobonussen.nl, CarGurus, Casino2k, Cloudsoft, The Economic Secretariat, Emerio, Footprints Recruiting, Gundry MD, HostChecka.com, Host Advice, HostingAdvice.com, Journal Review, LeoVegas Indian Online Casino, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M, SCAMS.info, Site Builder Report, Start a Blog by Ryan Robinson, Talend, The Best VPN, Top10VPN, Twitter, Web Hosting Secret Revealed, Xplenty

TARGETED PLATINUM: CloudBees, DLA Piper, JetBrains, Microsoft, OSU Open Source Labs, Sonatype, Verizon Media

TARGETED GOLD: Atlassian, The CrytpoFund, Datadog, PhoenixNAP, Quenda

TARGETED SILVER: Amazon Web Services, HotWax Systems, Rackspace

TARGETED BRONZE: Bintray, Education Networks of America, Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, Virtru

Going into the second quarter of our fiscal year, we remain energized and cautiously optimistic that we will weather the current storm.

To sponsor The Apache Software Foundation, visit http://apache.org/foundation/sponsorship.html . To make a one-time or monthly recurring donation, please visit https://donate.apache.org/

= = =

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Rich Bowen, Vice President Conferences; Mark Cox, Vice President Security; Sharan Foga, Vice President Community Development; Christian Grobmeier, Vice President Data Privacy; Myrle Krantz, Treasurer; David Nalley, Vice President Infrastructure; Tom Pappas, Vice President Finance; Daniel Ruggeri, Vice President Fundraising; Greg Stein, ASF Infrastructure Administrator; and Mark Thomas, Vice President Brand Management.

For more information, subscribe to the announce@apache.org mailing list and visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the @TheASF on Twitter, and https://www.linkedin.com/company/the-apache-software-foundation.

(c) The Apache Software Foundation 2020.

# # #

Inside Infra: Daniel Gruno --Part II

The "Inside Infra" series with members of the ASF Infrastructure team continues with Part II of the interview with Daniel Gruno, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity.




"...it speaks of how tenaciously the Foundation guards its core values, one of which really is provenance, because it's the Apache seal of approval, means this has been thoroughly vetted. We know where every single piece of code comes from. And we know that it works."


What about "user demand" --what does it take for you collectively to decide, "OK, we'll support Kubernetes," as you mentioned it earlier, or whatever? Are there strategic technologies that you want to work with or plan to support, or is it all coming from the projects themselves? How does that process work? You're creating projects out of some kind of pain point or some kind of vision. So for you, is it a longer-term thing? Do you have an influence on this? What drives the growth of services delivered? It's a mix. It's a mix of, first of all, the Infrastructure team is paid by The Apache Software Foundation and it's paid by The Apache Software Foundation to help the projects. So what we do must first and foremost be something that helps the projects and not something that just helps Infra. I mean, of course, we can make tools and have services that will assist us in our work, but the ultimate goal must be supporting the projects. First and foremost, we listen for projects that come and tell us, "We would really like this or we would really like that." Having said that, we do not always say yes. We have costs to consider. We have maintainability to consider. So as a general rule of thumb we will say, "Okay, project A wants to use service foo. Does anyone else want to use service foo right now?" On occasion, you get, "Nope. No one else wants to use service foo." And then we go back to project A and say, "It doesn't seem like this is feasible for us economically to maintain if it's just you." But you can also have a situation where 10 projects suddenly say, "Yep, we really, really want to use this." Once you have a trend for something, we are usually not proactive, but reactive to these trends. So a project will come and tell us, "We really want you to use this." We will go out and see if anyone else wants to use this, and they will say, "Yes, please." That's when we'll add that feature or service. We also have ideas of our own that are, by and large, a result of either existing services not doing what they're supposed to, or they're being... Let's say you have... For example, there is Google and there are mail archives that we had in the olden days. At some point we wondered, "Why don't we combine it so you can search for emails in the archive?" That's how lists.apache.org came to be. So we have both things that projects come and say, "We really want this," and we also have this crystal ball where we look at problems we're having with existing services, where we look at possible combinations between existing services and other existing services or new services that are emerging in the Web. Or we just have someone say, "Hey, wouldn't it be wonderful if something like this existed?" So it's really a mix of projects asking us and trends emerging and just blue skying, "Wouldn't it be cool if...?" Have you guys been in the situation where you found yourselves caught where there was this magical trend that everyone wanted, and it just didn't serve the Foundation, it failed? Were you guys in that situation where you had to back pedal? Or is that not part of your experience? I would say the most prominent or obvious feature or service would probably be GitHub where we started in 2010 with mirrors of our local Subversion and Git repositories. They would be mirrored to GitHub. That was actually a bit later, but around that time, they started mirroring stuff to get up, but you couldn't write to GitHub. We were adamantly against it. Because provenance, provenance, provenance: that is that thing that if you know Apache, you know that provenance is one of our key features. We like to be able to say, "Oh this came from that. This came from this. This came from that." We had concerns at Infra that we were not able to have the exact --emphasis on exact-- same provenance as we had on our own servers, and we got a lot of pushback for that. In the end, we figured that maybe we don't need this kind of providence that we had. Because we had very verbose logging going on for our own service that we couldn't get from GitHub because GitHub is a third party provider. They're not going to fork over sensitive data about their customers to us. So a) we were willing, at some point, to compromise, because it turned out that the data that we had been collecting was maybe not so important after all, and b) we came up with this linking utility that would actually allow us to go in and see who that person committing was on the ASF side. That is, if someone commits with a GitHub account, we can go in and see, "Oh, this is actually this specific ASF Committer," because we have this internal mapping going on with GitBox. And so with that, and then the realization that we didn't need all of this verbose logging, we finally decided that we're going to allow write access, but that was probably... It could have happened a year earlier. A year sooner. But I wouldn't say that it's a failing, of us, as Infrastructure. I think it's more it speaks of how tenaciously the Foundation guards its core values, one of which really is provenance, because it's the Apache seal of approval, means this has been thoroughly vetted. We know where every single piece of code comes from. And we know that it works. If you're suddenly letting go, even if it's not really the case, but if you're seemingly letting go of some of those core values, you are going to get pushback because we all, I want to say, love and cherish the Foundation. We all believe so powerfully in its mission that for a moment, we forget reason sometimes and we just push these core values without interpreting them, which is sometimes the right thing to do. If we have a core value that says, "We need to be able to see where the code comes from." That doesn't necessarily mean we need these five specific points of data from every single user. It just means we need to know where the code comes from. And if that means these four we know, plus this one new one, then that's just as good. That was a bit grandiose, sorry. No, no, no. There's a lot to it. And I love the angle that you're providing with your answers. That's very different from the other guys' perspectives and that's super helpful. It's important, because that's demonstrative of the diversity of the Foundation. We're people, we're not just machines. And so it's very cool to hear this. Moving on specifically with our growth, like how do you close your skills gap? Do you do that? Do you rely on the team? How do you cope with stuff that way? Oh that's a good question. I rely on mentors that I have. I'm not a bookworm, for example. I can't sit to read a book. I can barely watch a movie because I have a very low attention span. So what I'll do is I'll make some mistakes and I'll have some mentors that I have come in and tell me, "You're doing it wrong." And then I'll fix it or try to fix it and they'll say, "You're doing it wrong again." Eventually, well in a loving way, eventually they'll say that this is right. I love to learn by example. I have a lot of mirror neurons in my brain. I like to copy styles. I like to mishmash styles together. And I love to fall in love with new ways of --this is going to sound very nerdy-- I love to fall in love with new styles of programming. I recently discovered something called MyPy, which is a typing checker for Python. At first I was like, "Oh this is boring," and then I realized, "Oh, I can actually use this for checking whether what I write is going to always work." Then it changes into, "This is awesome. I love it." Which then changes into, "Everything I've ever written must now be written using this typing hint." And then suddenly I have Greg Stein yelling at me saying, "Yes, this is technically valid, but I really don't need this." Another mentor I have introduced me to this typing hint. And so I progress by observing other people doing their things and where they and I differ, there are basically two scenarios. Either they're worse than you are or they're better than you are. If they're better, or perceived better, I will usually try to study, "What are they doing that's different from what I am doing?" and if I like it, it tends to stick like a rash. Then suddenly, it's in everything I do, because I'm not a trained programmer. I never studied programming. I never studied computer science. I studied social economics and then human resource management which is very far from it. It was always just a hobby thing so I never really learned about unit testing. I never really learned about unit testing. I never really did learn about proper documentation outlines. And I never really learned this is the correct way to program in this language. This is how you style it. It was always just looking at some examples and then picking the parts that I thought was interesting. So what I initially want to start off as a program, what I wrote it, it would work, but it would be very ugly and it would be very error prone. So people would say, this is a cool piece of software, but it's very not pretty. This is what you should do to change it. So I've relied on people not telling me that I am good or bad, but telling me, this is the difference between what you do and what I do, and then having it be up to me to figure out is this something I want to adopt. Greg, for instance, has been a tremendous help in that Python department, not necessarily by saying, “you need to do this, you need to do that,” but by writing some examples. Commenting code on saying, “this could be” --emphasis on “could be”-- “could be this. Or you could use this instead.” Because he's got decades of experience in Python programming, for him to say there's a different, smarter way of doing this, it's not by using words, but by just showing the examples. Because he knows that I pick up on the why pretty easily. I just need to know that the difference exists, then I'll know the “why” eventually, because I'll be very interested in why that difference is. So he just kind of feeds me these little nuggets of this smarter way of doing it. I learned from that and I'm very grateful for that. Tell me how has ASF Infra changed over the years: is it proactive? Reactive? How and why did this come about? Obviously it's changed, but was it an organic thing? What's your take on that? It's changed in a lot of different ways and also it hasn't changed. And also: I don't know. It's changed in that it has become more of an obvious hierarchy now, which is not a bad thing. We have a place where the buck stops now: we have a place where decisions are being made. We have, most importantly for someone like me as a staffer, I have someone that I can defer to that I know will take care of it or will be the one with the final responsibility. That can shield us lowly peons when someone is being a bit too grumpy. That has changed which also means that we, the staffers, are not as abrasive as we used to be. I remember when I joined, the tone was a lot different. This is of course my perception as being this little timid newbie back then, but it was more, every single person had to kind of fend for themselves. Now we've got more of a cohesion. We have yearly gatherings, face-to-face gatherings. We talk about a lot of non-work related items. We have weekly calls that didn't happen before. I guess you can say it's become more of a family now than before because we interact with each other on so many different levels that are not specifically work-related now. It's also made us more friendly. The change was largely planned. Or it wasn't “planned”, but was planned as a reaction to events that happened --sometimes you come across some things when you're in any given company. We were like, “we need a change”. And this was one of changes that happened a few years back. Well quite a few years back. Actually, I think this was in Cambridge, not Cambridge, Massachusetts, but Cambridge in England. We had a meetup with our new, at that point, our new Vice President of Infrastructure, David Nalley, and the existing infrastructure team. This was the first event in my lifetime, if you will, of the team. The first face-to-face meeting we had, that was all about “what are we going to do in the future as a team”, where we worked out a lot of policies and work methods that we still use to this day. I'll not go into too much detail about why, but it was planned as a reaction to us being perceived as not the most welcoming group of people. If you go back 10 years, it was in my personal experience, a lot more daunting asking Infra for something. Do you think that's because people were just rude? Or was it a matter of them being overwhelmed? Or there was no process? What do you think was behind that? I think there was not a sense of structure in the team that we have today. People were self-led. We are, let me emphasize that, we are still very much self managing in the team, but we also have a boss and a boss's boss that let us know what they would like us to focus on for the long term processes. We didn't really have that before. It was more fend-for-yourself, figure-out-something-to-do. And if you can't, then that's just “why not”? We have a lot more structure after the Cambridge meeting. And after David started as VP Infra. Because we had gone from being --I don't know if you know this saying in the US, but there is some difference between a United States and American NATO Secretary General, and a Dutch NATO Secretary General. And that is that one is a secretary and one is a leader. One is a boss and one is a leader. We had a change in the style of management at that point. It's not that (former ASF President and VP Infrastructure) Sam (Ruby) wasn't doing his job. It's that David added something to the job that wasn't there, hadn't been there before. Sam was doing what every single VP before him had been doing. Which was fine. David came in and saw that there were things that he wanted to improve upon and he improved upon it. One of the outcomes was that, in my view, that the team also became more friendly towards people coming in with issues. But it's also a different environment that we are in now as a team. Apache in the old days, it was strictly volunteers spending their hobby time, doing what they love. It has slowly pivoted into being people that are paid. They still contribute as individuals, but they are being paid to make those contributions. They are also part of larger teams, often at big companies that have a lot of resources. The expectations and demands of the Apache infrastructure has also increased exponentially as we have become a large organization. So what we are tasked with today is also more demanding. I don't think that the infrastructure to staff 10 years ago would have the same interactions and the same good terms. You want to be on the same good terms with the contributors as we are today. So in that sense, I think David was gearing us up for what was to come. David has also a unique perspective because he had come on Board in 2012 as part of the Apache CloudStack project. So he came in as an incoming project that also needed support from infrastructure. So he has experience on both sides of the fence, so to speak. You know, Sam has a much “older” experience in terms of him being with the Foundation from a much earlier time period. So it's very interesting to see how the evolution has come about. A lot of us who've been here from the beginning see things a certain way, and don't realize that from an outsider's perspective, that experience might be completely different. It's very interesting to be able to have that balance and have someone come in and kind of make the team more cohesive based on what their perceived needs were and being able to project what projects will be needing in future. It really is. Yeah. Also, he has a very special way of --let's say he's very “godfather”-like. I don't mean that he kills people! He has a very persuasive non-intrusive way of asking you for a favor that a) I find very endearing, and b) I know why he using it: because it's very effective. That I don't think a lot of people would get away with. So what that means is we do a lot of things that David asks us because it's David, because he's built up goodwill. It's easier for him to shape the team and to what he wants it to be as to someone that was just there as a secretary and didn't really do anything. If you're not engaging with the team as a boss, and then you suddenly come in and say, do this, there will be pushback. But if you're engaging, if you're there, if you're have a presence in the daily routines and the daily water cooler chat, and then you say, "Hey, by the way, what do you think about this idea?" Then you're much more likely to get a positive response back. I think that's one of the things that David brought is a more relatable and more ... let's say he's brought in a closer bond between boss and workers. Leader and workers. And now we have Greg as well. So now we have two of them. That’s progress in the right direction. What areas are you, meaning Infra, experiencing your biggest growth? At the moment, that would be continuous integration, which is building software basically. Testing that something builds. Testing that something compiles properly, that it passes these tests. We have six or seven different platforms for that at the moment, and it is using hundreds of machines. And it's never enough! We know we have a demand and we know what the trends are, and we're also kind of blue-skying a bit on how do we solve what's ahead of us. A lot of this is throwing more money at it because that always helps. A lot of it is, again, going back to developing smarter tools that enable us to utilize the resources that we have, because we are not like a big whale. We don't have a cash whale: we don't have that much money. So we’ve got to make sure that the resources that we buy or lease or rent or whatever, are being utilized to their maximum potential. So that, again, comes back to figuring out how do we go in and monitor. Is it being utilized? What can we do if it's not? What do we do with over utilized? Can we figure out where it is bottlenecking? And a lot of other things. Builds, continuous integration, continuous delivery, I think it's called. That's the place where it's the most growth at the moment. With regard to CI, what is the most popular platform that you guys are using or what service has the biggest demand? The most used one is still Jenkins. I think we have 30-40 Travis machines building there, and that's practically nonstop. With Jenkins, we have, I think it's 150-200 machines or something that are building practically nonstop. That's by far the largest platform we have. We are using a lot of Travis and Buildbot. We can always use more of that. You’ll be talking to Gavin (ASF Infrastructure team member Gavin McDonald), who has been working a lot on splitting Jenkins into smaller components. So that major software categories, for example, get their own platform and bigger projects can get their own platform. This is because we don't want a monolith. We're splitting that up to actually save us some costs and not have so much downtime on the time. He can tell you much more about that. One of the things we did was graph out how much are we actually using and how much have we been using. Which projects are using the most of these resources? And if there's a specific project that sticks out like a sore thumb with, I don't know, 50% of all the computers or the machines are going towards that project, then we'll reach out to them and say, are you maybe doing something that's a bit too intensive? Can we scale this back a bit? Or do we need to look for a specific targeted sponsor for you or what? We're not constantly, but on more occasions than not are looking at these resource usages and seeing where can we optimize things so as to not use too much money and also not use too little money. Just the right amount. So many companies, as you know, are really struggling with their teams working from home in response to COVID lockdowns and stay at home orders. From day one, ASF has been virtual. I understand that you were stuck in another country when the pandemic lockdowns happened. How did you cope with that? Did anything change with your operations, your work? How were you impacted by that? Work-wise I was not impacted at all, which is wonderful. We are able to work from pretty much wherever we are. And this was not my first trip abroad, believe it or not. This was in Canada, by the way, I was stuck for 105 days. In the few places that I go to more than just once, I have it set up so that I can work from there in a reliable and comfortable way. By that I mean, I don't like laptops: they're a wonderful invention, but I don't like them. I don't like sitting hunched over a tiny, tiny keyboard without a mouse and looking down instead of straight ahead at the screen. Luckily I have a laptop and I travel with it all the time, but I plug it into a KVM switch which is a keyboard, video, and mouse adaptor. I have a monitor and a good old sturdy keyboard set up in the places where I frequent often. So I was able to work from there as I would with my stationary machine back home, just using my travel laptop. The only difference was the time zone difference. But we do most of our work, asynchronously. And whatever firefighting there is that always just happens at random hours. So it doesn't really matter what time zone you're in. You're going to be screwed one way or the other What do you think people would be surprised to learn about ASF infra? Surprised? I mean, probably that it's only six people. I'm sure, I remember Drew saying this and Chris and so on, but people are often surprised that it's only those five-slash-six people that are doing all the work. I know you all, and I'm astonished by it. I'm perpetually amazed by that. It is a seriously huge feat. You want to know what surprises me from the inside? That we actually manage it. It surprises us as well. It's not that “oh yeah we're just that great”. There is something about the coalition and the project that we can't really explain, and it's not explained by the individual parts. It really is the sum of the whole, that somehow… Huge, huge, huge undertaking. It's massive. And the fact that you guys do it is incredible. And yeah, you know it would take five, six times the number of people to do it elsewhere. So it's very special. I think we also have a lot more on flexibility from up above. From both our boss and his boss and his bosses. They trust that we know what we're doing in a sense that you might not find at a typical company. And I think that is part of the reason why we're able to do the things that we do so efficiently. Because we've been given this trust and we've been giving the benefit of a doubt if you will, when we choose to... They trust that we know how to manage our hours and get things done. Like it's not a strict requirement that you be here, nine to five, Monday through Friday. You can be here, I don't know, three hours one day, and then 12 hours next day. Or maybe you want to work on Sunday instead. As long as the job gets done and nothing falls through the cracks, they basically let us get our job done. And I, again, I think this is a win-win situation because it allows for us to kind of cool down when we've burned out a bit, but it also gives them the added benefit of when I feel like I will put in the extra hours because kind of as a “thank you for you let me decide my hours”. So I'm going to put in some more time here and then I'll relax when it's quiet. Because we do get quiet days. So you all have to carry the load, which is good. There's no favoritism. Everyone has the same shared responsibility --you all have to be on call, for example. Yeah. It's still quite a flat structure. I don't consider myself senior in a managerial wage to any of my coworkers. And so if I were to, or if someone else, if Gavin or Chris or Chris or Drew. If anyone were to say, "I'm not going to be on call," that would create a rift between us. I mean, there are staff members who wish they didn't have to participate in it, but we all are on call on a rotating basis. And so I think we're fortunate that we're all in a position where we're okay with it. We were able to manage it because there are legit situations where someone is not able to be on call. I think we all have them from time to time or someone else has had to cover our shift so to speak. All five of us are fortunate that we don't have things going on in our lives where you can't be on call, because those things, they can happen.

Sure, that makes sense. So what's your favorite part of the job? This is going to sound weird for a lot of people, but my favorite part is the weekly meetings. Why does it sound weird? People aren't social? I don't know. It might sound weird to normal people who don't like meetings, that I liked meetings. There's something about meetings... Even though they are very informal meetings, I like the little shred of formality that there are about them. And so that's, I think, my favorite part. And also I get to prepare for them. All right. So you must like preparing for the Board meetings too. Yes. You should read my Apache Web Server reports. What was your biggest challenge when you came into the role at Infra? There were two major challenges. The first one was learning the ropes. This is, as both I have said and a lot of people before me, it's such a complex system at ASF. There are so many things to know and it doesn't just take a year: it takes years to learn enough to get by without someone else's help. So that was, by far, the biggest ... Well, no, that was the second biggest challenge. The biggest challenge was believing in myself and not being scared of doing things unsupervised. Because again, what I can do and what my other colleagues can do with their keyboards is very, very ... We wield a lot of power over a Foundation that is responsible for so much in the world. Not being afraid of typing a command takes a long time when you know what a title can do on a machine. You know, “did you just delete this file or did you delete the entire hard drive”? And especially at the very beginning of getting into the job, I would double, triple, quadruple check everything I typed. I would wait for sometimes minutes before I hit enter just to be sure, I would look up that am I doing the right thing. Just to be sure that I'm not messing things up now. And as you to do it once, twice, three times, 10 times, a 100 times, you become more confident and you also relax more. Your first thought isn't “what if this goes wrong?” First thought is “let's see what happens next”. Or you're thinking ahead to the next debugging step or the next problem solving step instead of being stuck on what if this goes wrong? Which also means unless something goes wrong, you work a lot more efficiently. Because you're not fearing the Enter button. What are you most proud of in your Infra career to date? Let's see. I'm well, probably most proud of ... That's a very difficult question. That's why I ask it. If you don't want to answer, that’s okay. Oh, no, no, no. It's just that I've made so gosh, darn many things. What I'm most proud of is probably ... I would say that lists.apache.org is a thing that's playing out of an Infra job I was doing that. Yeah. I'd say that's probably the thing I'm most proud of. lists.apache.org is very powerful. We all use it every day. So that's yours? With the help of a few friends, yes. It was a brainchild of mine during some tests we had at Infra. And again, it's one of those situations where you have something that's not working and you're like, "Maybe I'll just rewrite it completely and it'll work. And then you start writing and then you find a good idea, a better way of doing some things and some things don't work. And then sometimes eventually you end up with a product that sticks. It's one of the most long lived projects I've had and that's still used today. Well, it's super useful. There's no doubting its efficacy and necessity. I mean, how many mailing lists do we have now? 1,700? It's some crazy number. I think we're nearing 2,500 if you count the private lists. And that's like 25 million emails, so ... That's insane. That's very cool. Very cool. All right, next question. This is the one that everyone kind of laughs at. How would your coworkers describe you? I'll have to think about that. They would probably describe me as the one that suddenly says something completely out of context. (Laughing) Okay. I thought I was supposed to be laughing, not you. That is funny. What happens is when I asked the question, Chris, Drew, and Greg, all laughed. Then they give me their answer and I always laugh. So it's classic. Tell me what you think are the biggest threats that infrastructure teams need to watch out for? I think the biggest threats are relying on tried and tested methods, but forgetting the change and expectations of the user in terms of user experience. I've seen a big change in what a user expects from Infrastructure in terms of user experience. I don't mean they just want it more easy, but I mean people want it more feature complete, they want it to look more intuitive, they want it to tie in together with what they are already using. They want to tie it together with whatever is the next new hot thing. If you stick with what might be good and try it and test it and it's stable, you might end up losing everyone because while it might be that, it might also not be what people are using tomorrow. If it's not what people are using today and tomorrow, then no matter how good it is, people are going to move away from it. Not necessarily outdated in the sense of technology, but more in the sense of trends. What is trendy. Yeah. I mean, it used to be Vine. Now it's TikTok and tomorrow it's going to be something else. If you don't keep up with the fashion of IT, then you're going to find yourself not wanted. That timing out happens more quickly these days, it seems. Okay, what would be advice to aspiring sysadmins or Infrastructure team members? My greatest piece of advice is basically don't be afraid because this ties back into the daunting task of having to push the Enter button after you type something in the command line. Don't be afraid because you'll lose so much time just being afraid that you could have spent fixing things or learning new things or making yourself more at ease. Just jump in with both feet and you'll be fine: you're awesome. Yeah, that's good advice. If you had a magic wand, what would you see happen with ASF Infra? Oh, interesting. I would like to see us having some magic, unified CI system that could be used across the different repository and types we had and didn't require any machines that would just build instantaneously. And yeah, be free of us needing to manage yet and pay for it. And also, if GitBox version two was suddenly a thing tomorrow and I didn't have to actually write it, which I still have to do. Okay. What else do we need to know that I have not asked yet? Gosh, I don't know. I don't know. One thing I'm really good at or one thing I'm really bad at is when you ask me an open question like that, because I don't know where to go with that. I am very good at analyzing a question and coming up with a specific response, which is why when people say, "How are you doing?" I get confused or I say, "I'm okay." And get nervous and forget to ask them how they are doing, because I don't get the dynamics that are happening there." The reason why I ask this question is sometimes people come in thinking, "Okay, this is my area of focus." They might want to talk about the “blue switch” or something specific like that, then we talk about all sorts of other things. We may derail. I may be driving the interview in a certain direction, and they have this pain in their gut because they never got to talk about the blue switch that they wanted to. The only thing I could think of would be something called pip-service, which is a new thing we're making, which is kind of like a package manager for all of our infrastructure services. Again, it's us working smarter instead of harder. And we were defining a way to easily install or run a service on any given machines and set them up without actually having to install and run then set them up. It would require a lot more time to explain in detail, but it's really nifty. Is it coming soon or is it available now? It's in production. And it's really helped us a lot. I love the efficiency of Infra, how you guys are having these new directions ... Like when you and I were dealing with the selfserve.apache.org the other day for the CMS (content management system), when I was getting the Annual Report up. For 21 years, I haven't been able to deal with the ASF CMS and then you walked me through it in literally three minutes on Slack and boom: it was done. I was amazed and shocked --because I'm not a technologist. To me that was phenomenal. You guys are really helping so many different kinds of people with different profiles and different skill sets. It's very cool. I think some of that ties into, again, the CMS was cool 10 years or 15 years ago, but it's not really been able to keep up with what's going on at the moment. No one knows how to use it because it's not very intuitive… Or it's not what we do today. Right. As we’re halfway through the Infra team, who do you think I should be interviewing next? I think you should be interviewing Gavin because he knows a lot about the CI platforms that I have been on, off raving about here. Gavin's not planning to talk to me until October... Oh, well then you should talk to Chris Lambertus, because he doesn't want to talk to anyone. (laughing) Chris can talk a lot about the upgrade of our email infrastructure. We have a lot of very tough work ahead of us in that we're upgrading an infrastructure that again, it works, but it's kind of like upgrading from an IBM mainframe to a modern computer: not that much of a upgrade, but we are having to modernize heavily on our Infra email infrastructure. I understand that's a huge, huge project. It's a very big project, yeah. That's a little advice for sysadmins there. = = =

Daniel is based in Copenhagen on UTC +2 (currently on CEST). His favorite thing to drink during the workday is lukewarm, weak coffee.

Friday October 09, 2020

The Apache News Round-up: week ending 9 October 2020

Hurrah for Friday! We've had a great week within the Apache community. Here's what happened:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 October 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - ApacheCon@Home 2020 was a huge success https://blogs.apache.org/conferences/entry/apachecon-home-2020-was-a 
 - Select session recordings will be posted in the coming weeks to https://www.youtube.com/c/TheApacheFoundation/ 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.92%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 384 Apache Committers changed 1,331,935 lines of code over 3,179 commits. Top 5 contributors, in order, are: Andrea Cosentino, Claus Ibsen, Mark Thomas, Mark Miller, and Sebastian Bazley.  

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Calcite 1.26.0 released https://calcite.apache.org/
 - Apache Calcite CVE-2020-13955 Disabled HTTPS Hostname Verification https://s.apache.org/m9xta

Content --
 - Apache Any23 2.4 released http://any23.apache.org/

Libraries --
 - Apache Commons Net 3.7.1 released https://commons.apache.org/proper/commons-net/

Programming Languages --
 - Apache Groovy 4.0.0-alpha-1 released https://groovy.apache.org/

Search --
 - Apache Lucene 8.6.3 and Solr 8.6.3 released http://lucene.apache.org/

Servers --
 - Apache HttpComponents Client 4.5.13 GA and 5.0.3 GA released https://hc.apache.org/
 - Apache HttpComponents Client CVE-2020-13956 Incorrect handling of malformed URI authority component https://s.apache.org/lpvrx

Web Frameworks --
 - Apache Wicket 8.10.0 released https://wicket.apache.org/


Did You Know?

- Did you know that the following projects are celebrating anniversaries this month? Many happy returns to the Apache Incubator (18 years); Xalan and XML Graphics (16 years); PDFBox (11 years); Thrift (10 years); JMeter (9 years); Cordova, Isis, and OpenOffice (8 years); jclouds (7 years); Calcite (5 years); Juneau and Kibble (3 years); Joshua and ServiceComb (2 years); SINGA and Submarine (1 year) https://projects.apache.org/committees.html?date

- Did you know that Apache Airflow, Arrow, Druid, and Superset (incubating) were awarded InfoWorld's Bossies for the Most Innovative Open Source Projects &  Next Generation Tools? Go Apache! https://www.idg.com/news/infoworld-announces-2020-bossie-award-winners-for-the-most-innovative-open-source-projects-and-next-generation-tools/  

- Did you know that Pinterest's real-time analytics platform is powered by Apache Druid? http://druid.apache.org/

Apache Community Notices

- Apache Month In Review: September 2020 https://s.apache.org/Sep2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Christ Thistlethwaite https://s.apache.org/InsideInfra-Chris | Drew Foulks https://s.apache.org/InsideInfra-Drew | Greg Stein Part I https://s.apache.org/InsideInfra-Greg , Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 | Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Friday October 02, 2020

The Apache News Round-up: week ending 2 October 2020

Hello, October --we've had a super-busy week, with ApacheCon drawing thousands of online participants as well as a slew of activities from the Apache community:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 October 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - It's a wrap! ApacheCon@Home recordings will be posted in the coming weeks (send email to announce-subscribe@apachecon.com to receive updates and future conference notifications). Thank you to event sponsors Apple, AWS, DataStax, IBM, Imply, Instaclustr, MuseDev, OpenLogic/Perforce, Red Hat, RX-M, and VMWare. 

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.97%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 306 Apache Committers changed 748,827 lines of code over 2,445 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Andrea Cosentino, Mark Thomas, Duo Zhang, and Claus Ibsen.

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache HBase 2.3.2 released https://hbase.apache.org/
 - Apache Flink Stateful Functions 2.2.0 released https://flink.apache.org/
 - Apache NiFi 1.12.1 released http://nifi.apache.org/
 - Apache NiFi CVE-2020-9486, CVE-2020-9487, CVE-2020-9491, CVE-2020-13940 https://s.apache.org/hlh3t 

Build Management --
 - Apache Ant 1.10.9 released https://ant.apache.org/
 - Apache Ant CVE-2020-11979 insecure temporary file vulnerability https://s.apache.org/rnaf4

Integration --
 - Apache Camel 3.4.4 released https://camel.apache.org/

Libraries --
 - Apache Commons DBCP 2.8.0 released http://commons.apache.org/dbcp/
 - Apache Commons Pool 2.9.0 released https://commons.apache.org/proper/commons-pool/

Messaging --
 - Apache Pulsar Manager 0.2.0 released https://pulsar.apache.org/

Programming Languages --
 - Apache Groovy 3.0.6 released http://groovy.apache.org/

Servers --
 - Apache HttpComponents Client 5.0.2 GA released https://hc.apache.org/

Web Conferencing --
 - Apache OpenMeetings CVE-2020-13951 DoS via public web service https://s.apache.org/1ugzb

Web Frameworks --
 - Apache Struts 2.5.25 released https://struts.apache.org/


Did You Know?

- Did you know that dozens of Apache project and community presentations are available at the ASF's official YouTube channel? https://www.youtube.com/c/TheApacheFoundation

- Did you know that Apache Druid powers real-time analytics for Airbnb, Alibaba, British Telecom, Cisco, Didi Chuxing, eBay, Hulu, Lyft, Netflix, and many more? http://druid.apache.org/ 

- Did you know that members of the Apache community will be presenting at All Things Open, taking place online in a few weeks? Registration is open https://2020.allthingsopen.org/
 

Apache Community Notices

- Apache Month In Review: September 2020 https://s.apache.org/Sep2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Christ Thistlethwaite https://s.apache.org/InsideInfra-Chris | Drew Foulks https://s.apache.org/InsideInfra-Drew | Greg Stein Part I https://s.apache.org/InsideInfra-Greg , Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 | Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Thursday October 01, 2020

Apache Month in Review: September 2020

Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in September:

New this month --

 - ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
  -- ApacheCon @Home 2020: all 2020 events have been combined and held online (free of charge!) 29 September - 1 October 2020 https://apachecon.com/acah2020
   -- The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon@Home https://s.apache.org/74zbx 
   -- ApacheCon 2020 features Natural Language Processing for Electronic Medical Records in dedicated track on Apache cTAKES https://s.apache.org/x1051

 - "Inside Infra" – a new interview series with members of the ASF Infrastructure team
   -- Meet Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1

 - Apache Month in Review: August 2020 https://s.apache.org/Aug2020


Important Dates --

 - Next Board Meeting: 21 October 2020. Board calendar and minutes http://apache.org/foundation/board/calendar.html

 - ApacheCon @Home 29 September - 1 October 2020 https://apachecon.com/acah2020


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in September was 100%. http://www.apache.org/uptime/

Committer Activity --

In September, 808 Apache Committers changed 10,547,457 lines of code over 15,444 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Mark Miller, Mark Thomas, Claus Ibsen, and Jean-Baptiste Onofré.

Project Releases and Updates --

New releases from Apache Accumulo (Big Data); Beam (Big Data); Commons Codec (Libraries); Commons Daemon (Libraries); Commons IO (Libraries); CouchDB (Big Data); Fineract (FinTech); Flink (Big Data);  Geode (Database); HttpComponents Core (Servers); IoTDB (IoT); Jackrabbit (Content); Kudu (Big Data); Kylin (Big Data); Libcloud (Cloud Computing); Lucene (Search); MyFaces (Web Frameworks); NetBeans (Integrated Development Environment); Oak (Content); OpenMeetings (Web Conferencing); OpenJPA (Libraries); OpenWebBeans (Libraries);Proton (Messaging); Ranger (Big Data); Qpid Dispatch (Messaging); Qpid Broker (Messaging); Solr (Search); Syncope (Identity Management); Tomcat (Servers); ZooKeeper (Databases).

The Apache Incubator is the primary entry path for projects we invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . New releases from incubating podlings include: Apache MXNet (Incubating; Libraries). Congratulations to Apache IoTDB™, which graduated as a Top-Level Project this month https://s.apache.org/3xv3c

# # #

To see our Weekly News Round-ups, visit https://blogs.apache.org/foundation/ and click on the calendar in the upper-right side (published every Friday) or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. We appreciate your support!

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation