Tuesday, March 24, 2015

Bitnami Open Source Leaders Interview Series: Larry Garfield from Drupal

Bitnami interviewed one of Drupal’s core contributors, Larry Garfield, for an inside look into the future of Drupal. With over 1 million active users it's easy to understand why Drupal is one of our most popular PHP solutions for content management, and why this application keeps evolving.

If you are just getting started or already a big fan of Drupal, this interview will give you some great insight into how Drupal maintains their community and what the future looks like for this application.

In the interview, Larry explains:
  • Who uses Drupal 
  • How to get involved 
  • What new features we should expect 
After learning more about the project, you can launch Drupal to the cloud or deploy it locally with free installers, virtual machines and cloud templates from Bitnami. Get started in the cloud for free with a $200 credit from Microsoft Azure.

Stuart Langridge:       These are the Bitnami Open Source Leaders Series of Interviews.  I'm Stuart Langridge, and I'm talking to Larry Garfield, who's a long-time Drupal core contributor. He's web services initiative lead for Drupal 8 and he's basically the de facto Drupal ambassador to the PHP world. Hi, Larry. Welcome to the podcast.

Larry Garfield:           Hello.

Stuart Langridge:       So the first obvious question is what's Drupal?

Larry Garfield:           Drupal is an open source content management platform written in PHP. It's an enterprise-grade piece of software, and it's been used by large institutions from the White House to MTV to Amnesty International, the king of Belgium and so on, but it also scales down to small nonprofit, small company/corner store type sites and everything in between. It aims to be the CMS for the entire market spectrum with an emphasis on content strategy and content modeling by thinking of the web as more than just a bunch of pages but as content management that you can then expose on the web. That's really where Drupal's strength lies.

Stuart Langridge:       You've named a bunch of organizations that are using Drupal from the very large to the very small. Are you deliberately targeting everyone from the very large to the very small, or are there particular types of organizations that you think Drupal is best for?

Larry Garfield:           Drupal, the community, is large enough that there's someone targeting every possible sector. Drupal is very successful, and some of its most successful markets are government and education. One in four universities in the U.S. use Drupal. Also, publishing loves Drupal. There are a lot of newspapers on Drupal that have been using it for a long time. In terms of a focus, I would say upper mid-range type of sites provide enough content that doesn’t allow for manual editing. If you have three dozen pages that need to be edited and want to have a common header on them, Drupal will do that and do it well, but it is somewhat overkill.

Drupal is really good once you start thinking in terms of 'I have information and content I want to expose', and 'I want to be able to expose it in different ways'. This could mean on a web site or on a mobile app, but it could also simply mean 'I want to be able to push a couple of buttons and say here is'. For example, a news article, and on this page is a list of news articles and on this page is a list of news articles in a sidebar beside something else. With Drupal, you can do all of that by pushing buttons rather than writing code. That's really Drupal's mission statements, where people should be able to build content-rich, content-driven sites without having to write code or with writing as little code as possible. There's still a lot of customization you can do with code to Drupal, but we try and put a lot of emphasis into the site builder experience for the person who's going to sit down and push buttons to architect a web site. That’s something where we feel Drupal is, if not unique, then certainly one of the leaders in that area of 'I want to build something powerful but I don't wanna write code to do so'.

Stuart Langridge:       One of the things I did want to know is the level of technical knowledge you need to run Drupal. You’ve talked about two different types of people – content editors and then the people who run Drupal itself, the system administrators. Or is the idea that you really don't need system administrators and you don't need technical knowledge to be a content editor?

Larry Garfield:           I would say there's two different roles. This is something of an open discussion within Drupal of who is Drupal for and who is the target audience, and I would say there's a couple of different important audiences. One is the content editor who should be able to enter content easily without having to be very tech-savvy. They should understand content such as creating an event instead of an event page, and they should not have to understand what PHP is.  They should be able to understand 'I have content and it breaks down this way', and 'I'm going to create this collection of content and display it'.

Then there's we call a site builder, who needs to understand Drupal. They need to understand Drupal buzzwords like node, entity, views, node cue, view modes, and things like that. They build the business rules around what the structure of that content is  and where to display it. So, the site builder sets up a site and creates structure of these content types and the fields they're gonna have. And then, they can have a list of faculty content matching that matches their rules in this format. All of that without writing code. That's a site builder. Site builders should be able to build the business logic, hand it off to a content editor who can then just edit content, select things in the UI and not have to worry about all of the business logic that was built for them by the site builder.

On some sites, those can be the same people, which is totally fine if it is small. I would say for most of my clients those are different people. Usually, at my company, Palantir.net., a Drupal consulting firm, we are the site builders. They hire us and say 'Here's our 100,000-page site, here's the kinda stuff we need, and figure out how to model that in Drupal'. After, we'll go through and do the content strategy by looking at their needs and what they want to do and what their design direction is. Then, we model that in Drupal by maybe building a little custom code for it, and putting a theme on it. After they pour content into it, and as they create the content, it just fills in the list over here, the list over there, a sidebar here, and this page here and so forth. And that's really the workflow of building a Drupal site.

Stuart Langridge:       So site builders build the structures into which all the content fits and the content editors actually put things in it.

Larry Garfield:           Right. And it's two very different workflows, honestly. One of the challenges of Drupal is trying to support both of those people, and that's where a good site builder can also build up additional administration screens without writing code to model. For example, a content editor's going to want to have to deal with news, so the site builder gives them some nice targeted workflows just for that. Another content editor is handling the entire museum collection section of the site, and they're going to have a different set of tools exposed to them. Drupal can do that very easily, and can have different custom screens set up for them. With Drupal core plus the right contributive modules and the add-on modules, you can do that with little to no code in many cases.

Stuart Langridge:       So below all that, you're obviously actually deploying Drupal to, web services or some kind of a cloud. What's the release strategy like? I did notice that you just released 6.34 and 7.34, and there's a Version 8 in beta. What's the deal with all the different versions?

Larry Garfield:           Drupal traditionally has had a stance of each major version we release and we support for two major releases. So Drupal 6 is our legacy release right now and it's been out for a long time. It's stable, and there's very little movement there at all, but there's still security support for it. Do not start a new site on Drupal 6 right now, because it is there only for people who already have Drupal 6 sites. Drupal 7 is the new current stable version, and that also is not getting new feature developments. That's just getting active maintenance, but that's also what most people with add-on contrib modules are targeting.

And I should make a tangent here that Drupal core on its own for Drupal 7 earlier is not all that useful. It is the platform on which you build a site using Drupal's contributive add-on modules, of which there are thousands. And that's really how you build a powerful modern Drupal site. It is just architecturally a deliberate decision that the core package itself for Drupal 7 earlier is not a complete system. You build your complete system on top of that. The idea is that once Drupal 8 comes out, then Drupal 6 support ends. Each major version does change APIs, and that's been done for a long time. The idea being that in order to advance the platform and not carry around lots of legacy weight, we're willing to break APIs between major versions. Sometimes we break a lot of APIs between major versions because it's kinda like the opposite extreme from Windows ME where Microsoft carried around a lot of dead weight for a long time and ended up with this train wreck of legacy code that they had to spend the next decade purging themselves of. Drupal has typically taken the opposite stance that a major version is a new thing.

With Drupal 8, which is the current development version, we are changing a lot of things, especially at the release process. A lot of the core system has been heavily refactored, heavily rewritten to use modern PHP techniques and technology to embrace the PHP renaissance. We’ve had a lot of PHP development communities come together and really started building reusable components that can be shared between projects, and Drupal 8 is kind of the poster child of that transition. A big part of that is a transition to object-oriented, interface-driven development, which means we can now extend the system a lot more easily without having to break APIs. So, starting with Drupal 8, we're going to move to a more traditional semantic versioning model where there will be an 8.1 that has few traditions but no API breaks, and an 8.2 that has few traditions but no API breaks, an 8.3 and so on. With 8 – 8.01, 8.02, 8.1.1, 8.1.2 and so forth for bug fixes and security patches as usual.  So that's kind of the development cycle.

People deploying sites today should use Drupal 7. We're looking at a release for Drupal 8 sometime in 2015, hopefully earlier rather than later. However, we are an open source project, so we can't control schedules that well. Once you get to the release candidate stage for Drupal 8, I would start looking at that as your deployment target. It's a much better system than Drupal 7. Drupal 7 is not bad, and it's got 2 percent of the web as a market share. However, Drupal 8 is a huge improvement in capability, in extensibility, in internal quality, better user experience, better developer experience, easier deployment and updates between dev staging and production, and better multilingual support. It's been a lot of work, but it is paying off.

Stuart Langridge:       Once Drupal 8 comes out, are you expecting everyone to essentially over to it relatively quickly? Obviously Drupal 6 will be out of support, but can Drupal 6 users jump directly to Drupal 8 on release day? Do they have to walk through Drupal 7 first, or how does that work?

Larry Garfield:           That's actually something else that's changed. Traditionally what we've done is provide an upgrade path for data, for content between major versions. Between Drupal 6 to Drupal 7, you have to update your code. If you have custom modules you've written, you have to update those, and those APIs may have changed, but there's an update path for all of data in your database, so you don't lose that.

                                    The changes for Drupal 8 are large enough that providing the upgrade path within the system is just way too hard, but that does not mean that we're abandoning our old users. What we're doing instead is building migration tools. There have been Drupal migration tools for a long time as add-on modules from the arbitrary system into Drupal. That framework has been implemented in Drupal 8 – or in the process of being implemented in Drupal 8, so Drupal 6 users will be able to do a migration directly to a new Drupal 8 install.

                                    The idea is that you’ll want to build your new Drupal 8 site because the architecture you'll want to use in Drupal 8 is different than it was in Drupal 6. You can do so by using tools that are provided. Migrate all of your content across from Drupal 6 as if it were just an arbitrary external third party system. From there, you can suck all your content in and do that incrementally as you go, so you can have a Drupal 6 site up and running and build a Drupal 8 site. Just keep running that in the background, and when you are ready, flip a switch and now the Drupal 8 site is what you're routing web requests to and you're done.

                                    That process is mostly working at this point, I think. There's still active development on it. It's possible that that will not be there for 8.0.0 on release. If not, it should be there in 8.1 where I believe we're extending security support for Drupal 6 a little bit to help smooth that transition. Also, the Drupal 7 to Drupal 8 migration tool chain is a work in progress since Drupal 7 is still going to have active security support for several more years.

                                    At Palantir, what we often do is tell people skip versions. So if you're on Drupal 7, if it works for you, stay there and wait for Drupal 9. If you're on Drupal 6, you'll want to jump to Drupal 8.  We have clients who are on Drupal 5 who skip Drupal 6, and go straight to Drupal 7 because usually that's a couple of years difference. After a couple years, you probably want to revisit your site anyway. Most of our clients do, which is actually another important thing I forgot to mention. We are also looking at a six-month release cycle for the 8.1 and 8.2 releases for Drupal 8, so that's a much more predictable cycle there as well.

Stuart Langridge:       Are you expecting people who get Drupal 8, either by migrating an existing site or setting up something new, to stay in touch with the Drupal 8 point releases as they come out?

Larry Garfield:           Yes. Our security team is very active but also almost all volunteer. We are expecting to say for the 8.0 line that its security stops when 8.1 comes out.  But 8.0 to 8.1 should be a very simple transition. There'll be a last security release at the same time, which would be 8.06, 8.05, and then after that, please upgrade to 8.1. We're not going to break things on you. You'll get some nice new features, but that's also where the security updates will be going forward.

Stuart Langridge:       Drupal being a web application, you obviously do a lot of work with browsers. How does it work with the range of browsers that are out there in the world? I suspect it works relatively well on modern browsers, but are you putting in extra work to take advantage of features that modern browsers provide? Can I still happily administer Drupal in my IE 6 machines or how does that work?

Larry Garfield:           That's another one of the changes in Drupal 8. Drupal 7 supports IE 6 and up. For Drupal 8, we decided we're following the lead of everybody else who has already done this and only targeting reasonably modern browsers. This means the current Firefox, current Chrome, current Opera, current Safari and Internet Explorer 9 and above. 

                                    It was actually an interesting discussion when we were debating which versions to target, and it basically came down to the fact that Drupal 8 is gonna have a several-year lifespan. Do we want to get laughed at in 2013, 2014, 2015 for dropping support for IE 8 or do we wanna get laughed at in 2017, 2019 for still supporting IE 8 at that point?  We decided we'd rather get laughed at now, so Drupal 8 requires Internet Explorer 9 or above or the current versions of everything else, which there really aren't legacy versions of anymore. What that means is we can do things like use local storage, use data attributes, use HTML 5 natively, use mobile first design for all of the internal default themes and so on.

We are really trying to be a modern front-end system as well, so there's a lot of CSS3 running around in the system. One of my favorites in Drupal 7, is this thing called overlay, which puts your admin section into a modal dialog on the screen that you can navigate through separately and then close to go back to the page you were on. This was a couple thousand lines of JavaScript that nobody actually liked, wasn’t responsive and had accessibility problems, so didn't really work out. But then we realized that the actually need was that I wanted to administer stuff and then go back to my site where I was without having to play around with multiple tabs in my browser. 

                                    So we built a new admin toolbar that is fully responsive that has a back to site button. If you go into the admin section, you get this back to site button that takes you back to whatever last non-admin page you were on. It's about four lines and it uses local storage, fully responsive, accessible and everybody wins. This means that we got to throw out the overlay module that no one actually liked and take advantage of the local storage is here. Now it’s trivially easy to do a back button for all sort of context.

Stuart Langridge:       Let's talk about the Drupal community here. You mentioned your enormous collection of extensions, add-on things. I know that Drupalcon is coming up, and there's one in Columbia and one in Los Angeles. There are user group events, 2,500 or something of them around the world every year. What's most interesting to the Drupal core team and to Drupal users about the Drupal community? What do I get as a Drupal user because it exists?

Larry Garfield:           The community is, I would say, one of the three core pillars of what makes Drupal a good system. One is good strong content management because we focus on content management rather than on just building pages. One is extensibility since we design everything to be extensible as it's just part of our culture. And the third is that there's a huge community that is very active, very passionate, very engaged and extremely welcoming.

As a new Drupal contributor, if you show up and say, 'I have these skills, I want to help, what can I do?', there is a team of people who shepherd new people like that. So you will just open the IRC channel, and you will get pounced by people who want to help you learn how to contribute. I've never seen that in any other community. It means there are hundreds of agencies and thousands of freelancers, and it may be thousands of agencies and tens of thousands of freelancers around the world that you can go to.

                                    If you don't like an agency you're working with, there are others you can go to. If you don't like a hosting company you're working with, there are others you can go to. If you want to hire people yourself, there are people you can hire. There's actually a very huge demand for Drupal developers and being able to use more conventional tools in Drupal 8 is part of improving that, so it'll actually be easier to hire Drupal talent at that point.

If you are building a Drupal site, engage. Engage with the community. Don't just wander off into a corner. If you have an issue with a contrib module, post that issue, post a bug report, post a patch. That kind of engagement, to a large extent, just like any other open source project really, is how you pay for it. Drupal is 
GPL, so there is no licensing fee to use anything. You can just download and walk away. Whereas with any other open source project, the way you pay is by getting involved and supporting the development process and supporting the community that builds it.  And it's still much cheaper than anything else. If you have developers of your own, take some time, let them learn the system, let them start talking to people in the community, talking to the maintainers of the modules that you are using, and you'll get direct personalized support that way. You'll get knowledge what we should be doing, so I don't know if there's anything unique in that regard.  It's just an active open source project, therefore, you want to engage with the community.

The Drupal's community, in particular, is especially active, especially friendly, and especially engaged.  I will also say especially diverse as open source projects go. Drupal, by our best estimates, is a little under 20 percent female participation, which sounds low, but is also ten times higher than most open source projects. That's another advantage that you get because with a more diverse community there are more diverse ideas and better quality output.

Stuart Langridge:       Where's Drupal going next? Obviously the big target for 2015 is Drupal 8, but apart from the stuff that you've described already, what does Drupal 8 bring us at the high level, and what's coming after that? What are the plans for the next year, or the next five years?

Larry Garfield:           So what does Drupal 8 bring? Drupal 8 brings is taking the best of the Drupal contributed world and building that into the system. For example, I talked about wanting to put a list of events at this URL ordered this way shown in this format. The tool you use for that in Drupal is called Views. It's one of the most popular if not the most popular add-on module to the extent that no one actually views it as an add-on anymore, so we just baked it into Drupal 8. We were then able to rip out a lot of the one-off code that was in the core and use that instead. We finally have a rich text editor built in, but it's not just an edit box like WordPress has. It's integrated into the front end too, so we do have edit and place support, so for small/quick edits that we call the Quick Edit tool. You go to a page, you click "Quick Edit”, correct some text on the page right there, hit save, and you're done. Just like the in-place editing on Flickr or Facebook. If you're actually doing content modeling, you'll want to be using the full edit interface, but it's really good for quick one-offs.

One of the largest problems with Drupal in the past has been deployment because Drupal 7 earlier stores its configuration in the database, because users are editing the configuration on a regular basis, so you need to be able to have that user editable. That made deployment between dev states and production more difficult, and there have been tools to work around that. For Drupal 8, they solved that problem for reals by baking that in, and we now have a really solid configuration API that includes export, import. Now you can do real configuration deployment with Drupal 8 that’s fairly straightforward.

We have built-in support for web services, so all of your content out of the box, is now available as web responses and using the HOL – hypertext operational language format. You can build a headless system in front of Drupal 8 with Angular or Ember or whatever your flavor of the week is. You can build a mobile app that talks to Drupal 8. You can build a desktop app that talks to it. It's really designed to be more robust for what people keep using Drupal as, which is as a nexus to talk to different systems. Most of the many projects I've built at Palantir.net have been integrations with a museum's catalog, integrations with a university's course management system, and that kind of integration of multiple systems is very common in Drupal, and so that gets even stronger in Drupal 8.

                                    So really Drupal 8 is on the user level; Drupal 8 is bringing together the best of breed from the Drupal ecosystem into a much more cohesive platform, and it's really that transition from system to platform that's happening with Drupal 8. Also, just being a much more robust out-of-the-box experience for building a modern, robust content-driven experience. At the developer level, Drupal 8 is a much bigger revolution and brings much more stable code, much more familiar code. Let's be honest, Drupal 7 earlier had a very unique and idiomatic API architecture, and by your giggling, I take it that you've worked with it.

Stuart Langridge:       I like the description. It was tactfully done.

Larry Garfield:           Thank you. For Drupal 8, we have brought in over a dozen different third-party libraries and rebuilt the system around those, so we're using the Symphony core pipeline from a Symphony framework. We're using these end feed library for RSS and atom parsing. We're using Guzzle, which is an HTP client, so if you want to connect to one of those third-party systems to do an integration, it's a lot easier now, it's a lot more robust, you have a lot more capabilities just out of the box. Drupal 8 has really been at the forefront of getting rid of the “not invented here” attitude that's plagued the entire PHP world for a decade, and we were replacing it with “proudly invented elsewhere” because everybody loves pie.

Stuart Langridge:       That PHP renaissance idea that we can now build reusable components, and more importantly, find existing reusable components and then reuse them, that's an important part of Drupal's new approach, yes?

Larry Garfield:           Absolutely, that's a transition that's happened in the PHP world, kind of concurrently with Drupal 8's development. Drupal 8 did not cause that transition, but I usually say it's been a major part of that transition. It's kind of the poster child for it. The argument that I've made in presentations before is: if Drupal, of all projects, can make this transition from a quirky idiomatic proprietary architecture and API to a modern shared architecture using common tools, using familiar patterns, which then makes life easier for developers to build more robust systems, anyone can. 

                                    And yes, it's a big transition, but it's important, and, from the looks of it, a successful transition. The result being that it should be a lot easier for new developers or experienced developers to just pick up Drupal 8 and run with it and then extend it in ways we never thought of. As a developer building tools for other people, when someone can use a tool I built in a way that I never expected, that's success, and I expect that to happen a lot more with Drupal 8 than with earlier versions. It happened a lot with earlier versions too, but I expect it to happen even more with Drupal 8 where people will be building types of sites or types of add-on modules that I didn't even occur to me would make sense to do, but oh, look, there it is because the system is robust enough to support that and the architectural style is familiar enough that someone who used Symfony, Zend, or any modern system can just dive in and pick it up with relative ease. 

Good story there, actually. I was giving a Drupal 8 training at a conference last year, and one of the people in the audience wasn't even a PHP developer-he was a C-Sharp developer. But Java, PHP, C++, C-Sharp, they all have a very similar object-oriented model and mindset. So, I was walking through services and dependency injection and all these things that are new for traditional Drupal developers, and he says “I got this, no problem, whatever, it's a little bit of syntax, fine”. This army of corporate Java and C-Sharp developers can now work on Drupal 8, too, without a ton of retraining. They don't have to completely start from ground zero. That's a huge influx of potential Drupal talent that companies using Drupal probably already have. Also, people who want to escape their Java doldrums job can transition over to Drupal 8 a lot more easily and do all kinds of things that we didn't think of to help feed the demand for more Drupal talent for more Drupal sites. It really is a game-changing transition and is a very good game-changing transition.

Stuart Langridge:       It will be great to see it released.

Larry Garfield:           Yes.

Stuart Langridge:       So thank you very much for talking to us, Larry Garfield of the Drupal project.

Larry Garfield:           Thank you.

Friday, March 20, 2015

Security fix for Drupal, new versions 7.35 and 6.35 released

The Drupal project has just released two new versions that fix multiple vulnerabilities, and one of them is considered moderately critical. You can find more info about these issues on the Drupal's blog post by their security team.

Some issues include: 

  • Password reset URLs can be forged under certain circumstances, allowing an attacker to gain access to another user's account without knowing the account's password
  • A malicious users can use the "destination" query string parameter to construct a URL that will trick users into being redirected to a 3rd party website
We have released Bitnami Drupal 6.35 and 7.35 installers, virtual machines and Amazon EC2, Google and Windows Azure cloud images that fix this issue. If you already have a running version of Bitnami Drupal, you can update it with the drush tool.

$ cd /opt/bitnami/apps/drupal/htdocs
$ drush up

We will continue to work on updating and releasing new versions of Drupal-based projects: CiviCRM and OpenAtrium.

Monday, March 2, 2015

Squash added to the Bitnami Library!

We're happy to introduce Squash as a part of the Bitnami Library!

Squash is a collection of tools that helps engineers find and kill bugs in their code by automatically collecting, collating and analyzing run time exceptions.

It consists of the following components:
  • Client libraries for different systems (Ruby, Ruby on Rails, Cocoa with Objective-C, etc.) that catch errors when they occur and send them to the API endpoint. 
  • The website, which displays information about caught bugs and help engineers find the root cause of it, so it can be fixed. It also lets engineers manage, assign and comment on bugs, as well as view statistics for each one of them. 
  • API endpoints, which routes (part of the website) receive exception notifications from the client libraries and processes them. 
Squash has great features and benefits, which include:
  • Smart code analysis: Squash analyses stack traces of every exception to find the line in which it is happening and then figures out who might have caused that bug. 
  • Fewer emails: Squash only send emails to the engineers responsible for an exception. 
  • Better data: Squash points out the values of environment variables, instance variables, etc., when a bug occurs in the Value Inspector. 
  • Collaboration: Squash includes a full-featured commenting system, ticket-management system and a news feed, letting you collaborate on, and track the progress at fixing a bug.
    Squash's Projects dashboard

    If you want to take a look at Squash, you can launch a free cloud demo server. By clicking the button below, you will have your own Squash instance running for 1 hour, for free!

    Don't forget to visit our wiki to learn how to manage your installation. Still have questions? We would be happy to answer them on our community forum.

    Would you like your favorite app to be part of Bitnami? Be sure to suggest and vote for it in our monthly contest!

    Thursday, February 26, 2015

    Introducing Bitnami’s newest cloud partner, AURO!

    Bitnami is known for providing quick access to popular server applications and development environments that can be installed and managed with ease. Our expanding library of popular applications and cloud partners help to make this possible. That’s why today we’re thrilled to announce that AURO, Canada’s first public cloud for enterprise, is partnering with Bitnami to give AURO customers immediate access to leading open source applications and stacks in a single click.

    The AURO cloud platform is powered by OpenStack, which gives them the ability to incorporate Canada’s unique corporate governance and compliance processes into a cloud infrastructure. OpenStack also provides AURO with flexibility and choice so that AURO can build in the language customers want, and customers can build a flexible environment to meet various needs. If you are already an AURO customer, you now have access to some of Bitnami’s most popular applications!

    With this new partnership, there has never been a better time to try AURO. Right now the AURO Cloud Computing Startup Program is offering $300 in credit to sponsors, developers and partners.

    Get started on your innovative projects using Bitnami on AURO today!

    Monday, February 23, 2015

    Refinery CMS joins the Bitnami Library!

    We're happy to introduce Refinery CMS as part of the Bitnami Library!

    Refinery CMS is an open-sourced Rails-based CMS designed to be flexible and easy to use. The Refinery UI is beautiful and updated frequently to deliver the most intuitive experience possible for your users. This application is also supported by an engaged online community. 

    Refinery CMS is now ready to install in a few clicks using the Bitnami Refinery CMS installers (available for Linux, Windows and Mac OS X), Virtual Machine images (VMs), cloud images for the Amazon EC2Google Compute Engine and Azure cloud platforms.

    Some popular features that Refinery CMS include:

    • Modular and extendable: you can add new features to Refinery CMS simply installing extensions.
    • Available in more than 30 languages.
    • Preview of the pages that you are writing.

    Refinery CMS admin panel

    Refinery CMS new page editor

    If you want to explore Refinery CMS you can launch a free cloud demo server. Clicking the button below will create your own Refinery CMS instance running for 1 hour, for free!

    If you want to know more about how to use Bitnami Refinery CMS, read our wiki page. Still have questions? We would be happy to answer them on our community forum.

    Wednesday, February 18, 2015

    Bitnami offers a free trial of CrushFTP!

    We are happy to announce that CrushFTP is now available on the Bitnami library!

    CrushFTP is a powerful file server supporting standard secure file transfer protocols. It's easy to configure and provides powerful monitoring tools that can be customized the way you need it.

    The Bitnami CrushFTP Stack includes a free trial for up to 5 users, so you can try any of the features that they have to offer!

    CrushFTP is now ready to install in a few clicks with the Bitnami CrushFTP installers (available for Linux, Windows and Mac OS X), Virtual Machine images (VMs), and cloud images for Amazon EC2.

    CrushFTP login page

    CrushFTP main page
    If you want to check out CrushFTP simply launch a free cloud demo server. Click the button below to get your own CrushFTP instance running for 1 hour, for free!

    Information on how to manage your installation can be found on our wiki. Still have questions? We would be happy to answer them on our community forum.

    Tuesday, February 17, 2015

    topLog joins the growing library of analytics software on Bitnami!

    Meet your new log management fortune teller. With topLog the future will no longer be a mystery because you will be alerted about everything that comes your way in terms of application and system level logs. With Bitnami topLog, you get:
    • One free user system
    • Log aggregation via unlimited streams
    • Search
    • Real time alerts (via email, Hipchat and Slack)
    topLog is now ready to install in a few clicks with the Bitnami topLog Installers for Linux, Virtual Machine images (VMs), and cloud images for Amazon EC2.

    If you want to quickly check out topLog, you can launch a free cloud demo server. By clicking the button below, you will have your own topLog instance running for 1 hour, for free!

    Don't forget to visit our wiki to learn how to manage your installation. Still have questions? We would be happy to answer them on our community forum.

    Tuesday, February 10, 2015

    SilverStripe added to Bitnami Library!

    Today, SilverStripe joins the Bitnami Library of CMS apps!

    SilverStripe CMS & Framework is an open source platform of web development tools. The platform, curated by SilverStripe, is an international web development company that is supported by a vibrant online community.

    SilverStripe is now ready to install in a few clicks using the Bitnami SilverStripe installers (available for Linux, Windows and Mac OS X), Virtual Machine images (VMs), cloud images for the Amazon EC2, Google Compute Engine and Azure cloud platforms.

    SilverStripe CMS & Framework

    If you want to explore SilverStripe you can launch a free cloud demo server. Clicking the button below will create your own SilverStripe instance running for 1 hour, for free!

    We also had the opportunity to interview Cam Findlay, Community Manager of SilverStripe, about the application's key features:

    What is the goal of the SilverStripe application?

    SilverStripe is both a CMS and PHP web framework. SilverStripe CMS makes day-to-day content updates awesomely simple. It’s flexibility makes SilverStripe CMS ideal for managing websites, intranets, and sophisticated web applications with stunning interactive design, social and transactional features for your users. The SilverStripe Framework is a PHP web application framework that can be used standalone, or in harmony with the SilverStripe CMS. Modern best practices include object-oriented MVC/ORM architecture to cut the overhead associated with common programming tasks, and enable developers to quickly write and maintain code that powers complex web applications. Put simply, CMS users love SilverStripe’s easy to use and powerful CMS and developers love the power and flexibility of the framework. With SilverStripe, everyone get’s to do what they do best.

    What are some of the features of SilverStripe?

    SilverStripe is both PHP framework and CMS. For developers, we define customisations of the CMS for users in the code along with any configuration which makes your applications highly portable across environments without having to rely on the database. Content is treated as content, code is kept and code, environment configuration is handled as configuration so there is a clear understanding of what is required when deploying websites and separation layers for a more maintainable codebase.

    The CMS also is highly customisable to a clients needs, rather than enforcing a way of working, so it works in well with customers existing business processes and allows CMS users to easily integrate SilverStripe as part of how they currently delver their services or run operations.

    We also have a great Open Source community!

    Which projects or organizations are using SilverStripe currently? What kind of projects do they use it for?

    SilverStripe has been used by projects large and small. Of note are sites such as the Democratic National Convention website during Obama’s electoral race, Westpac bank New Zealand, Skinny Mobile (a large mobile telecommunications site) and the the New Zealand Government Common Web Platform which is promoting open source and SilverStripe use in the New Zealand public sector. There are also a host of other showcases that give you an idea of the types of sites powered by SilverStripe at our showcase at http://www.silverstripe.org/community/showcase/

    What do you expect will be the main benefits of having Bitnami packages available for SilverStripe?

    We are looking forward to having an easy to install local environment, as well as a cloud deployable image to help developers and users try out the CMS and get started quickly learning SilverStripe.

    You can follow SilverStripe on Twitter and participate in discussions on SilverStripe.org.

    Would you like your favorite app to be part of Bitnami? Be sure to suggest and vote for it in our monthly contest!

    Thursday, February 5, 2015

    Welcome CouchDB to the Bitnami Launchpad for Google Cloud Platform!

    We're happy to introduce CouchDB as part of the Bitnami Library for the Google Cloud Platform!

    CouchDB is a modern and efficient database that completely embraces the web. It allows you to store your data with JSON documents and access them via HTTP.

    It works well with modern web and mobile apps. You can even serve your web apps directly out of CouchDB!

    Some popular features of CouchDB include:

    • Store your data in documents in JSON and access them via HTTP
    • Using JavaScript to query, index, combine and transform documents
    • Distributing your data using incremental replication
    • Master-master setups with automatic conflict detection
    • Native support for a RESTful API
    Futon, CouchDB's management tool

    You can check out all of these features by deploying CouchDB with one-click on the Bitnami Launchpad for the Google Cloud Platform. Click the button below to get started.

    Want to get started right now? Launch your Bitnami CouchDB instance and connect to Futon via the following URL in your browser. There you will be able to create, manage and remove documents:


    If you want to auto-login, you can connect to the following URL:


    If you want to know more about how to use Bitnami CouchDB, read our wiki page. Still have questions? We would be happy to answer them on our community forum.

    Wednesday, February 4, 2015

    Precurio joins the Bitnami Library!

    Precurio is an intranet solution for business that can improve team collaboration, reduce paper, and help streamline business processes for maximum efficiency. Now by partnering with Bitnami, Precurio can be deployed to the cloud efficiently too! 

    This all-in-one Intranet solution gives you one place to collaborate, manage and store your next project without using a bunch of tools. With so many features in one place, you can rest easy knowing that you won’t get asked “Where is this?” again. Their solution includes:
    • Enterprise Collaboration
    • Paperless Office
    • Document Management 

    The Bitnami Precurio package includes a free trial of Precurio for up to 10 users. To learn more about Precurio plans and licensing, please visit the Precurio website.

    If you want to quickly check out Precurio, you can launch a free cloud demo server. By clicking the button below you will have your own Precurio instance running for 1 hour, for free!

    Don't forget to visit our wiki to learn how to manage your installation. Still have questions? We would be happy to answer them on our community forum.

    Tuesday, January 27, 2015

    Security Issue: GHOST buffer overflow CVE-2015-0235

    A remotely-exploitable glibc security issue affecting common versions of Linux distributions has been recently disclosed. You can find additional information on how to upgrade your Bitnami installations in our wiki page covering the issue

    Friday, January 23, 2015

    2nd Bitnami Cloud Bootcamp - February 2015

    We held our first Bitnami Cloud Bootcamp in September 2014. The interest surpassed all of our expectations and the bootcamp itself was a success, covering a wide variety of technologies and attracting a diverse group of talented individuals. After the training, we invited six of them join the Bitnami team and they are responsible for many of the recent application releases in Bitnami.

    As promised, we are excited to announce the 2nd Bitnami Cloud Bootcamp! Bitnami bootcamps are fast-paced, in-person training courses that provide you with the knowledge and practical skills you need to automate the installation and management of server software in the cloud. You will learn directly from developers and system administrators responsible for systems that manage tens of thousands of servers. At the end of the course, if you have performed well, we will make you a job offer to join Bitnami. In other words, if you are located in Spain and passionate about Linux, Open Source and Cloud you should seriously consider applying.

    The original bootcamp was 4 weeks long and that limited the amount of candidates that could attend, so we have decided to change the format this time around and run a 2 weeks Bootcamp. This way, currently employed attendees may be able to take vacation time in order to attend the training. Depending on how this experiment turns out we may be go back to the original format or run smaller, more frequent bootcamps.

    This Bootcamp will run from February 16th to the 27th, this time at our office in Seville, rather than a third-party training facility. In the last few months, we have tripled the size of our office and have everything in place to conduct the bootcamp, including space, connectivity and snacks :)

    Of course, since we are running the Bootcamp for a shorter period of time, we have also limited the scope of what we will teach in the course while still covering all the important areas. For example, while the original bootcamp covered Amazon Web Services, Google Cloud and Azure, in this edition we will only cover Amazon Web Services because the concepts are similar across all major cloud platforms.

    For this edition we will require applicants to have a working knowledge of Linux. Though we covered the basics in our previous one, the candidates that were not already familiar with Linux had a harder time following along and the more experienced participants did not get as much out of it. A good, free, online introduction to Linux is offered by the Linux Foundation in partnership with edX. Please make sure you attend the course (or already have the knowledge described in it) before applying.

    For more information and to apply for this edition, please visit our bootcamp page.

    Thursday, January 22, 2015

    Welcome Kafka to the Bitnami Launchpad for Google Cloud Platform!

    We are happy to introduce Kafka as part of the Bitnami library for the Google Cloud Platform!

    Kafka has created a new way to use a distributed commit log. With its unique design, Kafka also provides the functionality of a messaging system.

    Kafka is fast, scalable, durable and distributed by design. Some of Kafka's most popular uses include:
    • Messaging
    • Website Activity Tracking
    • Metrics
    • Log Aggregation
    • Stream Processing
    • Event Sourcing
    • Commit Log
    There are a lot of tools that integrate with Kafka as well, such as stream processing systems, Hadoop integration, monitoring, and deployment tools.

    Creating a new topic in the Bitnami Kafka server in Google Cloud Platform

    You can check out all of these features by simply deploying Kafka with one-click on the Bitnami Launchpad for Google Cloud Platform. Click the button below to get started. 

    Want to get started with Kafka right now? Run the commands below from your Terminal to publish and collect your first message:
    • This command will declare a new topic. Kafka server is configured to use the server public IP address:
    $ kafka/bin/kafka-topics.sh --create --zookeeper --replication-factor 1 --partitions 1 --topic test

    We use --replication-factor to indicate how many servers we are going to have a copy of the logs and --partition to choose the number of partitions for the topic we are creating.
    • This one starts a new producer in the same server itself:
    $ kafka/bin/kafka-console-producer.sh --broker-list PUBLIC_IP:9092 --topic test
    this is my first message

    • And finally you can collect your first message in the consumer:
    $ kafka/bin/kafka-console-consumer.sh --zookeeper --topic test --from-beginning
    this is my first message

    If you want to know more about how to use Bitnami’s Kafka, you can read our wiki page. Still have questions? We would be happy to answer them on our community forum

    Friday, January 16, 2015

    The simplest way to use Amazon's new instance type!

    This week AWS announced new compute-optimized C4 instance types. Since then, we've been busy migrating some of our internal infrastructure to take advantage of the increased power available in the C4 instances, specifically the c4.2xlarge instance type.

    You can read their full post here:

    "The new C4 instances are based on the Intel Xeon E5-2666 v3 (code name Haswell) processor. This custom processor, optimized for EC2, runs at a base speed of 2.9 GHz, and can achieve clock speeds as high as 3.5 GHz with Intel® Turbo Boost" 

    We were excited about the new instances and knew you would be too, which is why we added support for C4 to Bitnami Cloud Hosting as well. Continuous integration servers such as Jenkins or GitLab CI are a good match for these new instance types. Want to get started in just a few clicks? Learn how with our step-by-step guide below.

    If you don’t already have a Bitnami Cloud Hosting account be sure to sign up before getting started, and add your AWS credentials here: https://app.bitnamihosting.com/clouds.

    The Simplest Way to Use C4 Instances on Bitnami Cloud Hosting:

    First, create a new server on your Bitnami Cloud Hosting Console

    Then, choose your application. In this case, we chose Jenkins. 

    Next, you'll want to change your operating system to "Amazon Linux 2014.09.1 (rev. 36, hvm)"

    Finally, choose your server type as "C4 Extra Large"

    And there you have it - your very own Jenkins server running on a C4 instance. Try it today! 

    If you have any questions, head to Bitnami's community page to start a discussion or engage with peers. Or read the full post from AWS here: https://aws.amazon.com/blogs/aws/now-available-new-c4-instances/