APM: The proper way to use CPAN on a server
Montgomery Conner
montgomery.conner at gmail.com
Fri Apr 9 13:27:49 PDT 2010
This may be slightly off-topic (as I'm not really addressing the question
about cpan-shell syntax problems), and I may be running the risk of starting
a flame war, sorry, but, speaking as a Developer (and former SysAdmin):
waiting on RedHat to distribute RPMs (a practice which is advised and
necessary for the system-Perl) is a *horrible* way to manage Perl modules
that are depended on by non-trivial applications.
I'm stuck in a RedHat environment and would never rely on them to get it
right for any of the critical systems I work on at my job if it could
possibly be avoided... RedHat's track record with Perl module maintenance is
not great (and this criticism isn't limited to RedHat: Apple had broken
system Perl libraries for many many months in 2008 also, and I'm positively
sure there are vendors with this problem).
If Perl is important to you and your job, build it yourself from source!
As a "best practice" for managing Perl and Perl modules here's what I do
(your mileage may vary):
1. Compile and install a custom Perl (or multiple Perl versions) using a
non-root account, perhaps under /usr/local or /opt. You can use symlinks to
simplify the paths for these; and symlinks have the added advantage of
flexibility... i.e. upgrades are simple. E.g. /opt/perl -> /opt/perl-5.10.1/
, makes an eventual update to 5.12 trivial both to test and to implement
with no changes required to consuming code simply by changing the
appropriate symlinks. [Importantly, this way you can be sure that you aren't
going to break the system Perl install by upgrading modules, which should
put your SAs at ease. My advice: NEVER MESS WITH THE SYSTEM PERL, AND NEVER
RELY ON IT FOR ALL BUT THE MOST TRIVIAL (simple one-off script) CASES! Sorry
for shouting: I've learned the hard way that this is a recipe for pure
frustration and pain...]
2. Update your path: e.g. PATH=/opt/perl/bin:$PATH if you use bash... you
can just stick this in your .bashrc.
3. To address firewall restrictions in a corporate server environment
that might make contacting a public CPAN mirror impossible, create your own
mini-CPAN bundle to act as a local CPAN mirror on your secure network (or a
local filesystem if that's not possible). This archive adds some maintenance
overhead (you'll need to update it occasionally), but for any non-trivial
installation base it is absolutely fantastic (and surprisingly easy to do)!
See CPAN::Mini.
4. Configure your CPAN shell to point to the URL of your mini-CPAN (any
of file://, http://, or ftp:// are appropriate depending on how it is
accessible). I find it convenient to store the mini-CPAN archive on a
webserver and create a symlink under htdocs so that this archive is
available on the internal network via http without having to get a firewall
exception everytime you need to install a module from a public mirror... but
you'll probably need to have a talk with your security team before you get
the go-ahead. There's an additional advantage here in that if you are
creating standard Perl packaged modules in your organization, they can be
'injected' into your private mini-CPAN mirror for simple automated
distribution via the CPAN shell to any end users who can access the URL of
your mini-CPAN. Using sudo should not be required to install modules for
Perls that have been installed by a non-privileged account: so, to install a
module just issue the command 'cpan -i Some::Module' for any system who's
CPAN shell is configured to point to this URL.
5. For 'repeatable server builds' I've found it much easier to use a
shared file-system (prefer a snap-mirrored NAS for HA reliability, but NFS,
or SAMBA are possible too). Build the Perls there and create symlinks on
each host according to any platform specific details: e.g. /opt/perl -> [
/opt/NAS/perl-5.10.1, /opt/NAS/perl-5.10.1_x64 ]. So, now, (although you
have to compile and install the same module for each individual Perl build)
you can manage all the modules in one central location for all systems that
have this mount... which could potentially be a very large installation
base. This way the 'repeatable' part of any server build is as simple as
adding a line to fstab so that the new device is mounted at boot and an
appropriate symlink is created for each new host.
There's a small amount of overhead with this approach (not as much as you
think though, esp. compared to the alternatives), but it *scales well* which
is very important if you depend on a Perl infrastructure for applications
(as opposed to simpler Perl use by the system-OS or Admins).
For further reading along these lines there's some great information that
Schwern put together here:
http://www.perlfoundation.org/perl5/index.cgi?perl_best_admin_practices
Hope that helps,
m
On Fri, Apr 9, 2010 at 1:11 PM, Tim McDaniel <tmcd at panix.com> wrote:
> On Fri, 9 Apr 2010, Jonathan Scott Duff <duff at pobox.com> wrote:
>
>> $ PERL_MM_USE_DEFAULT=1 cpan Bundle::CPAN
>>
> ...
>
>> That's meant to be run from the command line using the "cpan"
>>
>> command which doesn't take subcommands. So cpan Bundle::CPAN from
>> the command line will install Bundle::CPAN.
>>
>
> Thank you for the explanation.
>
>
> --
> Tim McDaniel, tmcd at panix.com
> _______________________________________________
> Austin mailing list
> Austin at pm.org
> http://mail.pm.org/mailman/listinfo/austin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/austin/attachments/20100409/dca4b181/attachment.html>
More information about the Austin
mailing list