TurnKey Linux Virtual Appliance Library

12 new appliances released

We just finished updating the site for our most exciting and ambitious batch of releases yet. The 2009.02 release, based on Ubuntu 8.04.2 LTS, features extensive improvements to usability, security and stability. We've done a terrific amount of quality assurance on our end and blocked the release until we had resolved every single bug and issue we found.

Now with just a bit more testing from the community we should soon be able to remove the Beta label from most of our appliances.

Those who followed the project closely may have noticed that in the 4 months since our last announcement we have been gradually ramping up our selection of appliances to include: Ruby on Rails stack, MediaWiki, Drupal6, LAPP stack, Django stack, MySQL, and PostgreSQL. Talk is cheap and new open source projects are a dime a dozen so we wanted to work out all the issues and get feedback from the community before making any big announcements.

The latest release batch also includes TurnKey Core and Bootstrap, which should be of special interest to those who like to get their hands dirty (e.g., developers, system integrators, technical enthusiasts).

Despite our low profile, we've had 13,000 downloads so far and growing fast. Thanks to everyone who tried out the previous crop of beta appliances, especially those who gave us feedback and encouragement on the forums. Part of the what's great about starting out small is that we've been able to keep up with all your comments and questions and personally respond to every single one of them, even in the middle of a development cycle!

Per-appliance updates on website

We've updated the website so that each appliance has its own feed of updates and announcements. Users can subscribe to a specific appliance feed (e.g., LAMP updates) or to the project-wide combined updates feed to get detailed information on new releases, updates and security issues. This should make it much easier for everyone who is interested to stay on top of things.

Common base for all appliances - TurnKey Core

The biggest technical change was a behinds the scenes re-engineering of the development process. All appliances are now built on top of TurnKey Core, from which they inherit the standard features (and bugs!) which are common to all TurnKey Linux software appliances. This improves our development leverage quite a bit the and should result in better consistency and reliability across the board. Any bugs which the community finds that can be traced back to Core will be fixed in subsequent releases of all appliances.

Usability improvements (batteries included)

One of the things we're trying to figure out is how to make our appliances more powerful and useful out of the box without adding too much bloat. For the latest release batch we did some research on popular software combos.

The results:

With the help of the community we would like make our appliances even more powerful in the future. Share your ideas!

Security

  • Enabled SSL support out of the box where possible.

  • Regenerating secret keys: We now regenerate all secret key material during installation (doh!) as it may otherwise be possible for an attacker that can intercept network traffic to bypass encryption.

    This includes the SSH keys, default self-signed SSL certificates and other appliance-specific secrets. Users of older appliances connected to an untrusted network are advised to regenerate their keys manually or migrate to the latest version.

  • Password security: Set database passwords for MySQL or PostgreSQL (I.e., depending on the appliance) during installation. Refuse to accept empty passwords.

Fixed auto updates

We discovered a nasty bug that broke auto-updates whenever a package update tried to upgrade a configuration file that has been locally modified. This happened because the package management system checks for local modifications before upgrading configuration files and if the configuration file has been modified since installation the user is asked what to do - use the new package version, the local modified version or try merging the two?

Of course, asking the user what to do doesn't work in a non-interactive auto-update, so appliances are now configured to do the safe thing and always keep the locally modified version.

Users of older appliances are advised to migrate to the latest version or manually fix the auto-update mechanism.

Attention to detail

We didn't just work on the big stuff, we also fixed many small issues that bugged users (and us!) in previous versions.

For example:

  • Redesigned network configuration in confconsole to fully support multiple NICs (previously the confconsole broke in that configuration).

  • We now tag appliances with a release package that marks the release version of the appliance and contains the changelog.

  • Embedded links to documentation and other helpful resources inside appliances.

  • Increased default PHP limits in appliances that include PHP.

  • Configured a more readable console font - the previous was hard to read, especially for color blind users.

  • No passwords required when running in Live CD mode where security measures just get in the way (e.g., demos and training).

  • Changed Webmin port from 10000 to 12321. It turns out its easy to mistake 10000 for 1000 on screen!

Funding development with premium services

Thanks to the support of our employer and the huge leverage provided by open source software we have managed to get this far with very little in the way of resources. The kind of enthusiastic feedback we have been getting from users tells us we are on the right track, but what we have managed to accomplish so far barely scratches the surface of what we believe can ultimately be accomplished with open source software appliances.

Up until now the limiting factor has been the amount of engineering resources we have been able to donate to the project. With more developers on board we could dramatically accelerate development and unlock the project's true potential much sooner. Unfortunately, it turns out that open sourcing a project does not magically attract a troupe of talented engineers eager to work for smiles and sunshine, especially when there are significant barriers to entry and much of the work involves the many unglamorous but necessary tasks that give a software appliance its polish.

Stimulating development by hiring a dedicated team of developers and sponsoring open source bounties requires considerable funding, so we are starting to explore which open source-friendly business models could sustain the project financially and support its long term health and viability.

Our best ideas involve providing premium services that will help organizations do more with less by taking full advantage of software appliances to reduce unnecessary friction and leverage cost-effective on-demand infrastructure (I.e., cloud deployment). This should be especially relevant given the current economic condition.

One of the services we believe may provide the most value to patrons is developing custom appliances. We recently completed a successful private pilot and we are now seeking additional clients for a public beta under unusually good terms (e.g., refunding unsatisfying results).

Further down the road, we would also like to explore other options. If you'd like to help, we are open to ideas.

Upcoming developments

Behind the scenes we are currently working on many exciting new developments including:

  • New appliances - next up are Apache Tomcat, Wordpress, Moodle, Movable Type and phpBB. After that any open source application is fair game.

  • 64bit support

  • Debian (Lenny) based appliances

On a more experimental basis, we are also exploring many other potential areas of development including UMPC optimized desktops, media centers and kiosk type applications, desktop-oriented studios for popular development frameworks, and many other ideas that tickle our fancy.

We're getting pretty good at quickly building pre-integrated open source systems that just work out of the box - the real challenge is figuring out how to prioritize our limited resources and what to try first.

Those that have been following us on the forums know that we love receiving feedback from the community, are open to new ideas, and will help out when we can. Current and future developers of open source software appliances are invited to join forces and collaborate with us. Once we add an appliance to our project we assume the burden of maintaining it at the appliance level, freeing other developers to focus on more interesting tasks (e.g., improving quality of integration, software sub-components).

One way or another, we have big plans for this project and much more in store than our current humble offerings.

Stay tuned!

You can get future posts delivered by email or good old-fashioned RSS.
TurnKey also has a presence on Google+, Twitter and Facebook.