annals of poorly executed upgrades

I had tried 2.2 before and given up on it (is there a compelling reason to completely reject the syntax of an established configuration and at the same time not provide some kind of migration tool?)…. Turns out that 2.0’s threading is not all that good, where 2.2’s is, but the bear was getting all the right modules and php all hooked in again.

for some benighted reason, I decided to upgrade httpd from Apache 2.0.63 to 2.2.8. I had tried 2.2 before and given up on it as I couldn’t map my old configuration onto the new version/style (is there a compelling reason to completely reject the syntax of an established configuration and at the same time not provide some kind of migration tool?). I was either more lucky or more stubborn this time. I’d love to share how I got it to work, but I can’t recall all the steps and missteps involved.

The catalyst was realizing how slow the server with one user accessing the squirrelmail webmail instance: I knew there were different service models (prefork, threaded, etc.) and decided to try them. Turns out that 2.0’s threading is not all that good, where 2.2’s is, but the bear was getting all the right modules and php all hooked in again. There is a lot of stuff in Apache 1.x and 2.0.x that just works, even if is somehow inelegant. I can sort of see the reason to break out the config directives into files rather that sections of the same file that get muddled. But a parser that could take an existing (ie, working) config file and a. make it work in a 2.2 environment and b. do the sectioning would be a great thing.

At the end of the day, the performance issues I was annoyed by seem to be resolved.

Some niggly little gotchas:

  • For whatever reason, the access log tends to see a lot of these lines:
    ::1 - - [23/Jun/2008:12:53:40 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.8 (FreeBSD) PHP/5.2.6 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.7e-p1 (internal dummy connection)"
    Easily fixed with these lines in httpd.conf, but really: why not just put those in the default/example file?
    SetEnvIf Remote_Addr "\:\:1" dontlog
    CustomLog "/var/log/httpd/httpd-access.log" combined env=!dontlog
  • You get no modules built or loaded without specifying them: fair enough, the build process makes a lot noise about the choices available, but it never spells out that you have to choose.
  • And there’s the small matter of loading a kernel module (kldload accf_http_load). Add this
    accf_http_load="YES" # Wait for full HTTP request accept filter
    to /boot/loader.conf
  • And the exact syntax to look at the server-status from the server needed one more little change:
    <Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from 192.168.2.0/255.255.255.0
    Allow from localhost
    Allow from ::1
    </Location>

lots of hints here and other posts at that site.

Leave a Reply

Your email address will not be published. Required fields are marked *