Closed astorm closed 8 years ago
First -- there's a significant number of DIY merchants with technical skills -- either their own, their employees, or their offshore networks -- who have deployed their own stores, and maintain them. When these merchants take the current Magento 2 out for a spin and can't get it running, the platform is going to take a credibility hit.
Second, the stated goal of
"Most if not all customization would be delivered through extensions and themes."
is admirable, and a good long term goal, but is not realistic in the short and medium term. The above scenario is rare with Magento 1. The extensions and themes that exist now for Magento 1 are great, but many still require small code changes, adjustments, and extensions to meet the business needs of store owners. If extension and theme vendors need to tighten up their code and feature set to run without those adjustments (while converting to Magento 2 at the same time), they need a user base and revenue stream first to fund that development.
Third -- there's a gap in your developer profiling. Between your Novice developer who can hack on Wordpress, and your Experienced developer with a CS background who can work with advanced OO concepts in frameworks like Symfony or Magento 2, there are a huge number of smart, hard working "full stack" PHP developers who do the yeoman's work of making systems run. "Intermediate developer" is the HR term. These women and men work independently, or for agencies not affiliated with the Magento partner program. These developers are busy, constantly evaluating new technologies, and if Magento 2 can't be easily installed they will look elsewhere and use/recommend other platforms.
Fourth -- support for tools like docker and vagrant are great and important for long term platform growth and health, but for full stack PHP developers these tools are nice add ons to the already well established, industry standard, decade old practice of
Fifth -- getting hosting companies on board with 1-click installers is also great, and also something that will help platform growth. However, if this is the only way to get a stable installation it greatly limits the number of people who will give Magento 2 a spin. Offer someone a free giant bag of candy and they'll take it -- charge a quarter for that same bag and fewer will take you up on the offer. Even if these one-click installers are on inexpensive hosting, the fact its commercial hosting at all will limit who tries it.
Sixth -- regarding numbers four and five above -- I'm sure you've noticed the huge challenges involved in getting Magento 2 up and running with web host's 1-click systems, or event on vagrant and docker. I'll bet dollars to doughnuts that having a version of Magento that's an archive of source files that can be uploaded to a standard apache mod_php web server and easily installed would make everyone's job there a heck of a lot easier.
Seventh -- Wordpress VIP is an interesting system to model -- but Wordpress VIP can get away with having a non-traditional installer process because people are already bought-in on standard Wordpess, which they can still install easily by uploading an archive of source files to a standard apache/php/MySQL hosting platform.
Wrap Up -- All the new developer initiatives Magento 2 brings to the table are super exciting, but it seems like a bad idea to assume these new technologies are going to be replacements for older, tried and true methods of installing PHP based software.
The best part? Making your software easy to install in the traditional-PHP-application-sort-of-way makes adopting all these newer technologies an order of magnitude easier. It doesn't need to be an either/or situation. You can have a docker installation but still provide a simple, working archive to end users.
Put another way -- consider this thought experiment. If the team's opinion differs from mine -- that some version of "That's the old way, this is the new way" keep cropping up, then I'd challenge you to remove the downloadable archive from from https://magento.com/products/community-edition and replace it with a link to the GitHub repository. If these new technologies are really ready to shoulder the burden, then that downloadable archive should be obsolete.
If that downloadable archive is not* obsolete [Hint: it is not obsolete], then Magento needs to get engineering and product resources unified and working together to make that archive behave the way any other standard PHP application distribution would, and continuously improving the installer experience. I know a lot of that is tedious, detailed oriented grunt work, but getting those tedious details right is what makes something a great open source platform.
Thanks @astorm for the feedback. This is great stuff! The intermediate developers is a less visible group so thanks for pointing that out.
Agree with your executive summary at the top. There are ways to do it today, but we need to push them into the developer documentation so the installation instructions for a default new user are simple. E.g. make the Vagrant box we publish official, and in the docs. Any feedback on that Vagrant box is welcome. (For example, we have a Bar Camp session talking about using the Vagrant box with GoDaddy at Imagine.) Things have been improving here, but I agree it needs to improve more. We are continuing to work on it.
“Are we there yet?” There are known friction points that we are working through. They get set priorities like all the other work. I think there is going to be a big inflection with the launch of Marketplace, the availability of low cost hosting, as we standardize on the Vagrant box, etc. And yes, we made a few mistakes along the way (which we are fixing). Yes we need to continue to push this forwards – close is not good enough.
The good news is I think this is not so much a change of direction as bringing a number of strands of effort together in a more coordinated, holistic way. And then communicate it clearly.
@alankent, I have a tremendous amount of respect for what you've helped build with the engineering team, and can only guess and wince at the myriad challenges, pivots, and conflicting priorities you must deal with everyday.
But this
Its not that hard to get a Vagrant box running
is just wrong -- or wrong enough from certain important points of view. It also tips towards the worst sort of developer machismo.
It is reasonable to expect an employee, contractor, or someone with some level of existing financial commitment and dependence on a software project to
But is is not reasonable to ask the same of open source contributors who aren't familiar with the project, and may not be familiar with the above technology stacks. They will not go through it, and while these folks aren't Magento Inc.'s primary market right now, they are a vital underpinning to Magento's continued success as an open source project.
Magento 1, Drupal, Wordprss, Zend, Concrete 5, Joomla, Baïkal CalDav ... the list goes on and on. Successful PHP open source projects have always offered an archive to download and install, and have spent time and resources improving and refining that install process. Even abstract programming frameworks like Symphony and Laravel that have gone composer first were only able to do this after they had grown an audience by appealing to more than professional software engineers.
And, again, this isn't an either/or situation. You can still provide a top of the line modern software development enviornment for your engineers, and, at the same time product a well tested archive install build artifact aimed at full stack developers, tech savvy store owners, and IT departments.
This well tested archive and install build artifact will make life tremendously easier for the teams getting one click installers up and running.
This well tested archive and install build artifact will also make life easier for the teams (I hope?) that are working on an officially supported Homestead like ready-to-go vagrant box.
I think that's all I have to say about this online for now. To folks inside Magento who are reading this agree, thank you for fighting the good fight :)
Hi Alan, point taken. And community feedback definitely does help us drive internal priorities - its always welcome. I have been experimenting with a simpler flow for development on GoDaddy nodes (blog coming soon). I have it working, but there are definitely gotchas that I want to iron out. I think there is a good solid dose of fixing some rough spots then simplify documentation accordingly.
I just want to mention that we had someone who plans to be at the Docathon at Imagine this weekend mention wanting to help develop a better guide for the exact process you outlined, @astorm. Specifically, this process:
Download archive of source code Copy to apache based PHP server, Run through GUI installer to set basic configuration/check permissions/bootstrap database Use software
They mentioned to me that they've been running through this exact series of steps on some basic shared hosts and documenting all the trials, tribulations and workarounds.
I think this might actually cross between a Docathon project and a Hackathon project, since there may be some shims and utilities that could be developed to make this easier. And that's perfect, because we're colocating those two events this year to encourage exactly this sort of cross-polination. So, if you all don't mind, I'm going to point those individuals to this issue here and also refer to it on the Hackathon project ideas list. If you're going to be at Imagine this weekend or even just available online to serve as a sounding board on some of these issues, it would be much appreciated.
Sign me up for that! Who is that someone?
@joshuaswarren Happy to jump in an IRC or Slack channel if I can find the time (and such a thing exists). Send me the detail zero and ones in some form :)
@astorm Alan, could you email me at bjh438-git@yahoo.com - I need your email address to send you the Slack invite.
@alankent / @piotrekkaminski There is one thing I would like to bring to your attention here while we're on the topic of easy access for developers / end-users alike. Something I haven't seen mentioned in the above outlines (unless I missed it) is the ease of actually getting a copy of the software to begin with. The easiest method of getting the software is cloning from GitHub, a practice which is discouraged unless one desires to contribute back to the core.
Two exercise might make this point a bit more obvious, assuming one can pretend they don't already know how to do the Magento side of it.
My install procedure looked like this and took me all of 5 minutes to have the software on my computer and ready to dig into. It even presents me with exactly where to go for docs (as if it needed an added bonus). So this one is very simple!
It's not much easier installing via composer, which also requires users go through a mess of steps to create accounts, generate authentication information, all before finally being able to run the composer create-project
command that's supposed to make standing up a project simple.
These two seemingly simple things will help reduce the barrier to entry considerably.
@davidalger both of those points have pretty good reason behind them. 1) We assume one will later use Magento to download updates or extensions. Getting repo access first ensures the experience later is smoother. 2) It helps tremendously with security, it allows us to contact people who downloaded buggy or insecure versions. Any idea how to solve for those 2 requirements?
@piotrekkaminski, @davidalger -
I think that the first point you make, Piotr, points to a bit of a fractured/contradictory approach here. Or maybe just a missing persona in your planning? I feel like a lot of assumptions have been made about the number of people who will be updating and upgrading via the web interface versus via an established dev workflow.
Given that Magento is open source, and all of the CE modules on repo.magento.com are open source, I think it's only a matter of time before someone setups up a public Toran proxy or a similar mirror that allows anonymous access to all of the CE modules on repo.magento.com, similar to the old OpenMage (I think that's what it was called?) efforts that provided a Magento 1 mirror on GitHub. This is not the first conversation in which I've seen a number of devs really getting frustrated at the lack of anonymous access to repo.magento.com, and I've learned that the community will either get frustrated and give up, or they'll write a hack/workaround to get around the frustration. It could save everyone a lot of time and frustration if you could find a way to allow anonymous access to repo.magento.com - basically, give devs and users the choice of either following the recommended approach of authenticated access to repo.magento.com or taking the more DIY/"you're on your own" approach to using anonymous access to repo.magento.com. This could be solved by a prompt in the installation process that requests, but doesn't require, authentication credentials, and lets users know why it's better/easier if they provide the credentials, but doesn't require it.
On the 2nd point - that's a good point. But I think that could be very easily resolved by a mid-installation or post-installation prompt in Magento itself that pops up and asks them to provide an email address for a low-volume, security-only mailing list so that they can be notified of patches, etc.
@piotrekkaminski, @joshuaswarren -
Seems this thread experienced the post-imagine effect. Totally forgot about the need to reply till I was too busy to do it ;)
First I want to note that I completely agree with what @joshuaswarren said in his last comment. He's spot on!
If the experience of using the Marketplace is the concern driving at gathering credentials as a barrier to installation, there are other approaches which solve the problem, and IMO would create a better experience for the merchant than they have today. The approach I'm thinking of here would involve presenting the user with clear instructions for linking their Magento installation to their Magento Marketplace account when they visit the setup wizard. This way, installation is allowed to remain simple, with few (if any) major barriers to standing up the software to play around with and use. But at the same time, there is a clear and consistent path forward for any merchant who desires to use the Marketplace.
Right now the experience for using the Marketplace post-install is easily fractured. For example:
I'm asking these questions mainly to point out examples of where the user experience is easily fractured depending on the method someone used to setup the software. The most common scenario where someone is currently forced to setup credentials in order to install is in the developer workflow of installing using composer create-project, yet that is also the one install method where the marketplace is the least likely to be used, and we just want to get the software up and running quickly.
To maintain a consistent user experience for marketplace use, the experience needs to be controlled post-install and within the admin area, not before when the method of installation could be so disparate. Get users up and running the software, then worry about getting their information!
The 2nd point you raise is a good one. What I would propose there is to include a prompt to sign-up for the security mailer post-login the first time a new administrative user logs into the system. This will have the added benefit of allowing all admins the opportunity to maintain awareness, not merely the individual who happens to be the chap setting up the Magento account necessary for installation. Another benefit here would be putting the prompt in front of everyone using the 1-click installs which don't require they go to Magento.com in the first place.
Currently the requirement for authenticating installs (CE installs via composer specifically) is highly annoying. Quite honestly, if I had the time, I'd very much be considering setting up a public Toran proxy to serve up packages, because these credentials are becoming quite the thorn in my side trying to build demo setups, quick install scripts, etc. In every case, I've got to have initial setup instructions for someone to create and account and go get credentials before they can get a demo going. An example of this would be here: https://github.com/davidalger/m2demo — I created this largely for those on our technical sales team to spin up a local copy of Magento 2 as a sandbox / playground for poking around in. It works great, provided each individual I setup on it goes out and creates an account to obtain credentials.
Anyhow, I hope I don't come off sounding like I'm complaining or being a bear, but I really do think that the choice to put authentication in the way of instilling the software is largely doing nothing but annoying developers (including myself) and failing to truly achieve what it sounds like the goal was in adding the requirement to begin with.
We work in the eCommerce space as we are working with Magento. The sites built with Magento target an audience that want something. We try to build an experience that reduces barriers and increases the enjoyment for the audience to reach a specific goal of providing value to the audience, and potentially exchanging value with the audience.
If we can reduce the barriers to the audience that is interested in starting or experimenting with Magento or that are trying to keep moving forward with Magento we stand to grow the community in a healthier way. A lot of the things in the Magento 2 architecture have greatly improved and reduced some of the barriers developers have run into in the past, but the installation process seems to have introduced some new barriers that could easily turn people away before they ever get a taste of the experience and enjoyment that Magento has to offer them.
Asking a customer on an eCommerce site to register an account before they are allowed to browse the products and offerings is a significant barrier to attracting new customers on a site, and it would likely interfere to some degree with existing customers as well. If we can delay the need for acquiring some kind of registration in order to get Magento installed and usable I would speculate that we would reach a broader audience in those initial steps. During the process of standing up the software, installing it, and seeing the site function is part of that evaluation process as people get familiar with what Magento is, how it works, and what can be done with it. There is typically some amount of experimentation, browsing, trying things out, and test driving, before anyone is ready to commit to moving further, and it seems that until someone is ready to move forward, they aren't ready to move past the barrier of registering and connecting their installation with the marketplace.
There isn't much value in registering a magento account until someone is prepared or in a position where they benefit from what the account and association with their installation is able to provide them. The value of the account and associated installation as pointed out, seems to primarily land around security notices, and marketplace integration. That value makes sense once someone is running a live store, or is has committed some effort to building on Magento and want to get additional functionality than what the core of Magento has to offer by itself. Until they are to that point, the effort involved in overcoming the barrier provides little or no immediately value or incentive, and it would be easy for people to just abandon the experience right there because of the effort involved.
There is plenty of effort involved in a Magento installation outside of the account registration and association with an installation. If that effort is delayed and placed in closer proximity to the value benefit, I think it would provide a more balanced and enjoyable experience for attracting more of an audience towards experiencing Magento 2.
No update since May -- assuming this isn't a priority for the engineering and am closing out.
Statistics say that they need around 3-6 month to close an issue or a PR. So a couple of days to go for the six month ... ;-(
Tagging @piotrekkaminski, per his request, regarding the post quoted below.
The short version: Irrespective of other goals and plans form the product team, a user needs to be able to
Without this ability, Magento will struggle to attract a significant number of new developers to the platform, and will lose a significant number of "DIY merchants" who have working class technical capabilities.
Regarding the specific post for context
It's always good to hear the internal team's perspective on where Magento is at and what future plans are -- if only to be reminded there are people working on this, and are people thinking about it. A lot of the above sounds great, and exactly the sort of things that should be done.
That said -- there's a few disconnects in the user groups/stories you've identified. I'll outline them below in individual comments.