SUN MICROSYSTEMS

WHITE PAPER

AUTOMATED WEB SITE HOSTING FOR ISP AND ASPS
How Service Providers can Provide Automated Web Site Hosting Services using Sun Servers

TABLE OF CONTENTS

Introduction
The Customer Experience
    Customer Categories
    Service Summary
    The Customer Viewpoint
Implementing Web Hosting Services
    Service Provider Web Site
    Information Repository
    Using A Core DBMS
    Public-Domain Solutions
    Software Components
    Domain Name Registration
    Trouble Ticket Handling
    Domain Name Service
    Web, Mail, and FTP Server Configuration
    Security
    Credit Card Billing
    Other Services
    Evolutionware from Systemsfusion
    Evolutionware Implementation
Web Hosting Architectures
    Web Server Architectures
    Example Configurations
    Web Server Application Configurations
    Shared Application, Shared Server
    Dedicated Application, Shared Server
    Dedicated Application and Server
    For More Information
Conclusion
References

Sun Microsystems, Inc.


INTRODUCTION

Analysts for years have been predicting the mass extinction of local and regional Internet Service Providers (ISPs), with varying estimates of the rate at which smaller ISPs would be consolidated into a few large, global providers. Indeed, as recently as January 1998, Information Week reported the Gartner Group’s estimate that the number of providers would shrink from 5,000 to only 400–500 by the year 2001. The facts, however, continue to defy the analysts: as of July 1999, thelist.internet.com reported the existence of 7,400 ISPs—hardly the plummeting number predicted only eighteen months earlier!

Local and regional ISPs continue to flourish, according to a 1998 Infonetics Research study, because they have a business model that plays on their strengths—staying lean, agile, and working closely with customers. They maintain this competitive niche by keeping current customers satisfied—thus avoiding the high churn rates experienced by their larger counterparts. Some turnover is inevitable, however, and so is the constant challenge to keep current customers and attract new ones.

New developments in ISP technologies represent either threats or profitable opportunities to local and regional ISPs, depending on whether they stay ahead of the adoption curve. One rapidly-emerging technology is automated Web site provisioning, as evidenced by the proliferation of sites like www.hiway.com and www.pair.com. Service providers that offer automated Web site provisioning enable customers to register their domain names, choose among various hosting packages, configure e-mail addresses and aliases, and manage Web sites—all without any intervention by the service provider. These facilities attract customers who require complete, immediate control over how their servers are managed without the inconvenience of placing customer service requests.

Large Web site hosting services pose a threat to local and regional ISPs today because the economy of scale from automated hosting enables them to undercut the pricing of smaller ISPs that rely on manual Web site configuration. To compete effectively, local and regional ISPs must deploy their own automated services. The benefits to service providers that accept this challenge include:

• Giving customers direct control over the services they receive, increasing satisfaction and reducing customer churn
• Lowering costs of providing services and potentially increasing margin
• Broadening the market and attracting new customers beyond a local or regional focus
• Reducing dependence on personnel in today’s tight labor market

In order to gain these benefits, service providers need reliable, secure, easily-managed, and scalable Web servers hosted on systems like those from Sun Microsystems. Sun builds a complete line of scalable server products—and Sun’s line of symmetric multiprocessing (SMP) servers ranging from the single-processor Ultra™ 5S server to the 64-processor Sun Enterprise™ (also known as Starfire™) server can handle some of the most challenging HTTP workloads. For telco and ISP installations, Sun’s Netra™ t 1120 and 1125 servers provide single- and dual-processing capabilities in a NEBS Level 3-certified, rack-mount package. And where space is at a premium, Sun’s Netra t1 server provides up to 440 MHz of UltraSPARC™ processing power and 1 GB memory in a remarkably compact, rack-unit package.

Sun software delivers the power of the underlying computing platform to applications. Sun’s Solaris™ Operating Environment enables superior scalability. A lesser-known benefit—of practical interest to service providers—is the ability to scale down with Solaris Operating Environment software-based systems. This creates a broad range of flexible Web hosting options, including the ability to host multiple Web server applications—supporting different feature sets—on a single server.


Chapter 2 of this white paper discusses how automated Web provisioning systems enhance the customer experience; Chapter 3 discusses how ISPs can implement home-grown software or commercially-available packages; Chapter 4 illustrates how deploying Sun™ servers can provide scalable, reliable, secure, and easily-managed automated Web hosting services.


THE CUSTOMER EXPERIENCE

Automated Web hosting services enable customers to choose a hosting plan, register Internet domain names, specify billing information, and ultimately configure services and populate Web sites.

Customer Categories

Customers of automated Web hosting services typically have one of three different sets of requirements for their Web sites:

• Vanity Sites—These simple sites host a collection of static Web pages. They do not require large amounts of disk space, but may require one or two mailboxes, or the ability to alias user names like [email protected] to a mailbox elsewhere. These sites are often populated via standard File Transfer Protocol (FTP) or through proprietary techniques like the Microsoft FrontPage extensions. For the simplest of sites, template-driven, Web-enabled authoring tools suffice. Traffic to these sites is typically low.
• Merchant Sites—Merchant sites usually require much more disk space, and generate higher amounts of traffic, for example, from visitors browsing through online catalogs. These sites must be able to present and process forms using vendor-supplied and custom-designed CGI scripts, and to bill against their visitors’ credit card numbers. Merchant sites use electronic mail services more heavily than vanity sites, including more mailboxes, more mail volume, and potentially more aliases. They are populated using mechanisms like FTP or the Microsoft FrontPage extensions.
• Complex Sites—Successful merchant sites generate more traffic, and thus require more sophisticated, custom services. Growing and rapidly-changing product catalogs are stored in database management systems that generate Web pages dynamically through server plug-ins and extensions. These sites track customer visits, and target repeat customers with focused advertisements. They present product and manufacturer overviews with streaming audio and video, and offer secure ordering through Secure Socket Layer (SSL) encrypted pages. They require large amounts of disk space and network bandwidth, and sometimes dictate the use of dedicated servers and high-availability clusters.

Service Summary

Overall, the features that can distinguish different levels of service include:

• Registration and hosting of one or more domain names per account
• Amount of bandwidth allowed per billing cycle
• Amount of disk space allowed per site before per-megabyte charges apply
• Support for different Web site population mechanisms, including template-driven, Web browser-based tools, Microsoft FrontPage extensions, and FTP
• Mailboxes that allow remote access via Post Office Protocol (POP) and Internet Message Access Protocol (IMAP)
• Aliases that forward e-mail messages to accounts elsewhere
• FTP site for Web site visitors to download software, products, and documentation
• Enabling site-specific CGI scripting and server plug-ins
• Streaming audio and video support


• Electronic commerce support, including product selection and ordering mechanisms, customer tracking facilities, SSL-based encryption, and credit card clearing services
• Database access
• Dedicated and high-availability server hosting

The Customer Viewpoint

Automated Web hosting services give customers control over the products they purchase, including the contracted service level and the means to populate the Web site. The routes that users can follow through hosting services’ Web sites include several essential elements (Figure 1):

• Greeting Page—A hosting service’s home page greets the customer, often with compelling content or design that encourages further exploration in the site. The home page may include ticklers for introductory rates, advertising copy that helps to establish credibility, and company background information. From this page, the user might view or select specific service plans, or search and register an Internet domain name.
• Service Options—From the home page, customers can explore separate pages that describe the benefits of each of the service plans offered. Well-planned sites allow customers to view service options before and after the selection of a domain name.
• Domain Name Selection—The crucial step in signing up a new customer is finding a suitable domain name, or taking information to transfer an existing domain name to the new hosting service. Without having a domain name in the form of www.yourdomain.com, customers will see little value beyond the free pages offered by most ISPs, and will not likely continue the registration process. To keep customers engaged in the site, service providers should offer intelligent tools that match potential clients with appropriate domain names. The hosting facility can immediately check a requested name against the whois database, and can even use a semantic or linguistic engine on the front end that suggests several alternate names (or top-level domains like .org, .com, and .net) if the requested name is already registered.


[Figure 1 diagram labels: Home Page; Service Plan 1, 2, and 3 Descriptions; Choose Domain Name; Provide Billing Information; Agree To Contract; Administration Area Access Via Browser; Mail Configuration; Service Plan Upgrades; Change Hosting Options (SSL, FTP, etc.); e-mail; Domain Registration Confirmation; Account Access Information]

Figure 1. Customers proceed through a fairly standard set of steps in the process of setting up an account with an automated Web hosting service.


• Plan Confirmation—With an appropriate domain name and service plan selected, the customer often gets the chance to confirm choices made so far, and also to choose configuration details such as how the site will be populated.
• Billing Information—Using an SSL-encrypted Web page, the customer now makes a commitment to the service plan and domain name by providing billing information. In the U.S., the authorization of a recurring credit card charge is usually required. Another alternative is to allow customers to provide a billing address. Regardless of the means of billing, the hosting facility must verify that the customer can and will pay for the service—either by making a credit card charge or receiving payment from the customer—before making the site available. And of course the software must be capable of suspending customers and deleting them if subsequent credit card charges or invoices go unpaid. Concurrent with the transfer of billing information is the acceptance of a service contract that legally binds the two parties.
• Asynchronous Activities—At this point there is some delay while the credit card charge is processed, and a domain name registration form is sent to the appropriate name registry. Two independent e-mail confirmations might be sent:
  • If the automated Web site hosting software registers the domain name with the registration authority via e-mail (rather than through Internet-based APIs), the customer is often given a token number for tracking the request.
  • Customers might receive an e-mail confirmation that gives an IP address of the site (pending domain name registration), and user names and passwords for populating the site with content.
• Access to Administration Area—Once the billing is complete, and the domain name request is initiated, the Web site is provisioned and the customer is allowed access to an online administration panel. This panel provides customers with control over their Web sites, including options such as:
  • Configuring mailboxes and aliases
  • Changing plan options and upgrading from one service level to another
  • Setting hosting options; choosing how the site will be populated, and establishing SSL certificates for merchant sites
  • Viewing log information and traffic summaries

Once up and running, customers can populate their sites with their own content and change it as often as they wish, giving them superior service and complete control over the services they receive.


IMPLEMENTING WEB HOSTING SERVICES

Service providers that offer automated provisioning of Web sites can choose off-the-shelf software or create a home-grown infrastructure using a combination of custom and public-domain software components. Regardless of the choice, components must work together to provide a fluid user experience. This chapter discusses software issues, and the following chapter discusses how to support a fast-growing business on Sun servers.

Service Provider Web Site

Service providers use their own Web sites to reach potential customers. These Web sites must attract customers and make it easy for them to sign up for service. Once a customer is registered, the Web site should help users to configure parameters, find answers to their questions on how to manage services, and contact customer service. Well-designed Web sites attract more new customers, keep existing ones satisfied and well-informed, and keep costs low by reducing telephone customer service. If custom Web site provisioning software is deployed, then creating the service provider Web site is a natural part of service development. Customizing the look and feel of the site will increase its effectiveness, especially if it is built using off-the-shelf templates.

Information Repository

The core of an automated Web site provisioning service is a central repository that is used to store all information about customer accounts, including name and billing information, user names and passwords, service plans, Web, FTP, and e-mail configuration data, disk space and bandwidth utilization information, and customer service notes.

When a new customer signs up for service, a new database record is created, and a set of processes is initiated using the new record (Figure 2). These processes can be encapsulated into software agents that undertake each specific task. For example, the agent that submits a domain name to a registration authority can generate a request, store a token number in the database, and change its status when a confirmation is received. Domain Name Service (DNS) information can be stored with the user account and used to automatically generate configuration files used by the name servers. Likewise with e-mail and FTP services, configuration files can be generated from information in the database, including addresses, passwords, and aliases. Agents configuring the Web site itself can make decisions on where to host the site based on service, performance, and load, and then store information on those decisions in the repository. Finally, resource usage statistics can be stored in the repository for customers to view, and for billing agents to use in calculating monthly charges.

Using A Core DBMS

One philosophy to adopt when configuring custom automated Web site provisioning software is to automatically generate all configuration files for specific applications like DNS and Web server applications from the database. When the database—not the configuration files—is viewed as the authority, and configuration files are generated automatically from the database, it is difficult for administrators to make error-prone, one-of-a-kind configuration modifications. Another approach is to have changes in the database trigger requests for agents to create and maintain application configuration files. The latter approach is used by Systemsfusion’s Evolutionware, and is discussed later in this chapter.


[Figure 2 diagram labels: Central Repository; Domain Name Registration Agent; FTP Server Configuration Agent; Web Server Configuration Agent; Mail Server Configuration Agent]

Figure 2. A database-centric automated Web hosting environment facilitates the use of small, modular agents that utilize database information to accomplish their well-defined tasks.

Public-Domain Solutions

A good starting point for the database management system is a public-domain Lightweight Directory Access Protocol (LDAP) implementation. One such distribution is LDAP Version 3, available from the University of Michigan. With LDAP as the registry for all user information, many applications can utilize the LDAP data directly without intervening agents. For example, Sun Internet Mail Server™ software uses LDAP for user information, so it can directly leverage user information in a service provider’s database. Many public-domain packages are starting to integrate with LDAP—for example, a plug-in is available for standard sendmail that enables it to access user information through LDAP. Also, short C programs can be used by Perl and shell scripts to store and retrieve database information. Another alternative public-domain software database is MySQL, which can also integrate with LDAP.

Software Components

Building an infrastructure for automated Web hosting based on a central database involves building a set of relatively straightforward components that perform management tasks. Whether components are built from scratch, or off-the-shelf components are used, software is needed to accomplish the functions described in this section.

Domain Name Registration

Automated Web hosting service customers usually register a new Internet domain name as part of the process of signing up for new service. Domain name registration software must accept a desired domain name and check to see if it is available. If it is not, dictionaries and different top-level domains can generate alternatives—an offer that tends to keep a customer engaged and motivated. In fact, at least one Internet Web site only registers domain names for their customers for a fee above that charged by the registration authority.


In the United States, domain name registration for the .com, .net, and .org top-level domains is currently handled by a single central authority. Unfortunately, Web-based Application Programming Interfaces (APIs) that interactively register a new domain name do not exist. Therefore, automated Web hosting software must generate a registration form using a standard template which is electronically mailed to the registration authority. The form includes the desired domain name, contact information for the customer and the service provider, and addresses of name servers for resolving name-to-IP address mapping requests. Large service providers typically have accounts with the registration authority, which enables them to directly bill the customer, or to have the registration authority bill the customer for registration fees. Manual intervention is often required when requested domains are not available, or when domain names must be transferred. There is a window between a request and its processing during which another entity could register a particular domain name. In such a case, the later domain name request is rejected and the customer is contacted by the service provider to choose another name. When customers wish to transfer existing domains to a new service provider, a variety of situations can arise that are best handled by an administrator. A trouble-ticket mechanism is needed to help ensure that all manual steps are handled in situations that require intervention.

Trouble Ticket Handling

A trouble ticket mechanism can facilitate the manual processing of exceptions—both expected and unexpected. At minimum, a provider must help ensure that requests are e-mailed to administrators; a more effective solution is to use off-the-shelf, commercially-available help desk and trouble ticket-handling software.

Domain Name Service

Once the domain name registration process is set in motion, configuration mechanisms must determine on which systems to host Web, mail, and FTP services. This choice depends on the level of service purchased, current configurations, and planned workloads. Once IP addresses for the various services purchased can be determined, an agent handling the domain name service can create a new zone file for the primary and secondary DNS servers and instruct them to re-read their configurations. When building such an agent, it is important to consider the various exceptions that must be handled—for example a domain where the customer provides its own mail server and is contracting for Web services only. In this case, Mail Exchanger (MX) records must point to a server outside of the service provider, while the Address (A) records for the Web site must point to a server within the service provider network.
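The zone-generation step described above, as an added example that is not part of the white paper or of any product it names: a Python sketch of a DNS agent that builds a zone file from a repository record, including the Web-only customer whose MX record points outside the provider. The provider network, name servers, record layout and the Account fields are assumptions; customer-supplied names are validated because they travel from a sign-up form into the name server configuration.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import Optional

# Assumed provider-side constants (documentation ranges, not from the paper).
PROVIDER_NET = ipaddress.ip_network("192.0.2.0/24")
NAME_SERVERS = ("ns1.provider.example.", "ns2.provider.example.")
HOSTMASTER = "hostmaster.provider.example."

_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def check_hostname(name: str) -> str:
    """Return the name in lower case, or raise if it is not a plain hostname.

    The value comes from a customer-facing form, so anything that could break
    out of a zone-file field (whitespace, newlines, ';', '$') is rejected.
    """
    name = name.lower().rstrip(".")
    labels = name.split(".")
    if len(name) > 253 or len(labels) < 2:
        raise ValueError(f"invalid hostname: {name!r}")
    if not all(_LABEL.fullmatch(label) for label in labels):
        raise ValueError(f"invalid hostname: {name!r}")
    return name


def check_provider_ip(addr: str) -> str:
    """A records for hosted services must stay inside the provider network."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    if ip not in PROVIDER_NET:
        raise ValueError(f"{addr} is outside the provider network")
    return str(ip)


@dataclass
class Account:
    """Hypothetical repository record holding the DNS-relevant fields."""
    domain: str
    web_ip: str
    serial: int
    mail_ip: Optional[str] = None      # mail hosted by the provider
    external_mx: Optional[str] = None  # customer runs its own mail server


def build_zone(acct: Account) -> str:
    """Render the zone file text for one account."""
    if acct.mail_ip and acct.external_mx:
        raise ValueError("choose provider mail or an external MX, not both")
    domain = check_hostname(acct.domain)
    web_ip = check_provider_ip(acct.web_ip)
    lines = [
        f"; zone {domain}. generated from the repository, do not edit",
        "$TTL 86400",
        f"@ IN SOA {NAME_SERVERS[0]} {HOSTMASTER} "
        f"({int(acct.serial)} 10800 3600 604800 86400)",
    ]
    lines += [f"@ IN NS {ns}" for ns in NAME_SERVERS]
    lines += [f"@ IN A {web_ip}", f"www IN A {web_ip}"]
    if acct.external_mx:
        mx = check_hostname(acct.external_mx)
        # This sketch emits no A records for outside hosts, so an MX name
        # inside the hosted zone would dangle; reject it instead.
        if mx == domain or mx.endswith("." + domain):
            raise ValueError("external MX must not be inside the hosted zone")
        lines.append(f"@ IN MX 10 {mx}.")
    elif acct.mail_ip:
        mail_ip = check_provider_ip(acct.mail_ip)
        lines += ["@ IN MX 10 mail", f"mail IN A {mail_ip}"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed sample: Web-only customer with its own mail server.
    print(build_zone(Account("customer.example", "192.0.2.10", 1999070101,
                             external_mx="mail.customer-office.example")))
```

The agent would write this text to the primary server's zone directory and then tell the name servers to re-read their configuration; that step is site-specific and left out here.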

Web, Mail, and FTP Server Configuration

The process of configuring Web, mail, and FTP servers is similar to the DNS configuration example. Once a service package has been purchased and the location of the various servers determined, the application configuration files can be created or modified, the template files placed into position, and the service made available to the customer. Even the process of configuring a single Web server application per system can be automated by drawing from a pool of pre-configured systems or by generating a request for an administrator to configure a new system with a particular IP address and server software. Of course the more standard service packages are provided, the easier it is for service providers to automate software installation and configuration.


• Web Server Application Configuration—Service providers have the luxury of many choices of Web server applications for hosting their customers’ Web sites, including Sun WebServer™, Netscape PublishingXpert, Netscape CommerceXpert, and the public-domain Apache Web server application. For each of these Web server applications, software modules can be developed to prepare configuration files based on customer requirements.
• Mail Server Configuration—A variety of mail server packages can be configured to directly utilize information in an LDAP database, including Sun Internet Mail Server, Netscape Messaging Server, and—with an LDAP plug-in—public-domain sendmail. Customers will need access to their mailboxes through POP or IMAP protocols—both provided with the Sun and Netscape products. Customers also need flexible options for creating new mailboxes and aliases.
• FTP Server Configuration—Automatic Web hosting service providers usually provide FTP access for customers to populate their Web sites, and customers often purchase their own FTP sites for use by their customers. Both Sun Internet FTP Server™ and the Washington University’s public-domain FTP server provide file transfer services. Sun Internet FTP Server can integrate directly with information from an LDAP database, and wu-ftp can be modified to leverage LDAP information.

Security

Automated Web hosting facilities typically host a large number of sites—which makes them more attractive targets for hackers. A first line of protection is perimeter defense, consisting of packet-filtering routers and firewalls with stateful packet filtering and proxies; a second line of defense is to lock down each server in the facility by removing unnecessary services and closing down unused ports. Sun’s SunScreen™ SPF-200 software provides a high level of security due to its stealth nature—systems running this firewall software have no IP address and are therefore invisible to hackers. Service providers should lock down Web, mail, and FTP servers with low-cost SunScreen EFS™ software that can be run on the same servers as the various Internet service applications.

A good security plan for an automated Web hosting facility includes allowing HTTP, HTTPS, and FTP access to all IP addresses that can be configured for Web services; SMTP, POP, and IMAP should be allowed only to the servers supporting e-mail access. It is possible to develop scripts that selectively open ports in the routers and firewalls during Web service configuration; however, the use of software with those capabilities increases a service provider’s vulnerability even more than leaving HTTP, HTTPS, and FTP open to IP addresses that are not yet assigned.
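One way to check a static rule set against the plan above, as an added Python example that is not from the white paper and does not use any SunScreen interface. The address plan, the (destination, port) rule format and the sample rules are constructed for illustration; the port sets are the six services the text names.

```python
import ipaddress

# Services named in the plan. FTP means the control channel only; how the
# data channel is handled depends on the firewall product in use.
WEB_PORTS = {21: "FTP", 80: "HTTP", 443: "HTTPS"}
MAIL_PORTS = {25: "SMTP", 110: "POP", 143: "IMAP"}

# Assumed address plan (documentation range).
WEB_POOL = ipaddress.ip_network("192.0.2.0/25")  # addresses usable for Web sites
MAIL_SERVERS = frozenset({ipaddress.ip_address("192.0.2.200")})

# Constructed sample of inbound allow rules: (destination, TCP port).
SAMPLE_RULES = [
    ("192.0.2.0/25", 80),
    ("192.0.2.0/25", 443),
    ("192.0.2.0/25", 21),
    ("192.0.2.200", 25),
    ("192.0.2.200", 143),
    ("192.0.2.0/24", 110),   # POP opened to the whole subnet
    ("192.0.2.130", 80),     # HTTP to an address outside the Web pool
    ("192.0.2.17", 23),      # service the plan does not include
]


def check_rule(dst, port):
    """Return None when an allow rule fits the plan, else the reason it does not."""
    net = ipaddress.ip_network(dst)  # raises ValueError on a malformed entry
    if port in WEB_PORTS:
        if net.subnet_of(WEB_POOL):
            return None
        return f"{WEB_PORTS[port]} opened outside the Web hosting pool"
    if port in MAIL_PORTS:
        single_host = net.prefixlen == net.max_prefixlen
        if single_host and net.network_address in MAIL_SERVERS:
            return None
        return f"{MAIL_PORTS[port]} opened to an address that is not a mail server"
    return "port is not part of the hosting plan"


def audit(rules):
    """Return (destination, port, reason) for every rule that breaks the plan."""
    findings = []
    for dst, port in rules:
        reason = check_rule(dst, port)
        if reason:
            findings.append((dst, port, reason))
    return findings


def missing_mail_rules(rules):
    """Return (server, port) pairs the plan needs but no host rule opens."""
    opened = set()
    for dst, port in rules:
        net = ipaddress.ip_network(dst)
        if net.prefixlen == net.max_prefixlen:
            opened.add((net.network_address, port))
    return sorted(
        (str(server), port)
        for server in MAIL_SERVERS
        for port in MAIL_PORTS
        if (server, port) not in opened
    )


if __name__ == "__main__":
    for dst, port, reason in audit(SAMPLE_RULES):
        print(f"VIOLATION {dst} port {port}: {reason}")
    for server, port in missing_mail_rules(SAMPLE_RULES):
        print(f"MISSING   {server} port {port}")
```

Running an audit like this over the exported rule set keeps the perimeter static and reviewable, which is the alternative the text prefers to scripts that open ports on the fly.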

Credit Card Billing

The most common means for automated Web hosting facilities to bill customers is through recurring credit card charges. These capabilities are built into the Netscape CommerceXpert platform, and can also be leveraged using online credit card billing services such as Cybersource (www.cybersource.com). Cybersource automates the “buy” button for service providers and their customers by communicating credit card charge information to a Cybersource server via the encrypted Simple Commerce Messaging Protocol (SCMP). By utilizing secure, online facilities to complete credit card transactions, service providers can focus on their core business development. Many automated Web hosting facilities are integrated into telephone company ISPs, and into other large organizations with existing billing systems. In these cases, the Web hosting service creates billing records or completes transactions that are consistent with the existing infrastructure.


Other Services

Automated Web hosting providers must offer a number of other services. One is a customer administration console, whereby customers can configure their e-mail addresses, aliases, FTP sites, and Web site configuration parameters: disk space quotas, electronic commerce software, SSL certificates, and custom CGI scripts. Another is performance and bandwidth monitoring that enables use-based billing and intelligent decision making regarding where to host newly-created Web sites, and timely feedback to customers regarding the popularity of their sites.

Evolutionware from Systemsfusion

For service providers that prefer an off-the-shelf product that will enable them to offer automated Web hosting to their customers, Evolutionware (www.systemsfusion.com) provides a comprehensive solution. Evolutionware software handles the management of Web hosting, Internet domain name registration, email, and FTP services from a central administration console. Evolutionware presents a Web site-based customer sign-up interface that can easily be customized with graphics, service packages, and pricing that is specific to each service provider. Evolutionware is currently deployed at more than ten locations including UUNET/iafrica.com. It has hosted up to 450 domains on only three servers, and 100 percent of Evolutionware’s functionality is supported in the Solaris Operating Environment, with limited degrees of support provided for other operating systems.

The automated Web hosting management features supported by Evolutionware include:

• Administration—The administration server enables authorized customers and administrators to manage operations: first, the customer administration interface allows customers to manage e-mail accounts, Web server application parameters (such as disk space), log information, and billing status; second, the administrator interface enables authorized administrators to manage customers, domains, DNS records, and e-mail services, as well as information in the central database.
• Web Servers—Evolutionware’s Web server application management handles configuration of sites for customers, enabling FTP access for populating the sites, and management of disk space and quotas. Evolutionware currently supports both Netscape and Apache Web server applications on Solaris servers.
• Mail Servers—Mail server management features include the ability to create new accounts accessible through POP or IMAP, and to configure the mail server for new domain support and customer-defined aliases. Evolutionware supports standard sendmail, Netscape, Post.Office, Intermail, and Exim mail servers.
• Router Management—In order to enable use-based billing, Evolutionware can interrogate routers through the Simple Network Management Protocol (SNMP) to determine the bandwidth utilized by each host. Evolutionware passes this information to the customer billing system as required.
• Domain Name Service—Evolutionware supports a customized version of the Berkeley Internet Name Daemon (BIND), which creates configuration files on primary and secondary servers for each new domain, and re-starts the daemon as necessary.
• Domain Name Registration—Domain name registration is handled by mailing template request files to registration authorities, and then tracking responses.
• Job Tracking—Evolutionware includes an integrated job tracking mechanism that enables administrators to respond to unusual conditions and to view jobs that have not been completed, for example incomplete domain name registrations.
• Billing—Evolutionware is designed to export data to third-party billing systems.


Evolutionware Implementation

The Evolutionware software package is implemented with a set of core software that runs on the administration server, storing customer and accounting information into a MySQL database, and directing agents on Web, e-mail, and DNS servers to undertake whatever configuration activity is necessary to support current and new customers (Figure 3).

[Figure 3: diagram. Labels: Administration Server; Configuration and Accounting Databases; Admin Agent; Reg. Agent (SMTP); Domain Name Registration Authority; Internet; CORBA, SNMP, SMTP Management; Router (SNMP Agent); Web Servers (Web Server Agents); DNS Server (DNS Server Agent); Mail Server (Mail Server Agent); Service Provider Network.]

Figure 3. V:serv software manages Web, DNS, and mail servers through object-oriented CORBA interfaces that interact with configuration daemons on the various servers; router traffic is monitored via SNMP, and requests are made of registration authorities via SMTP.

Communication between the core software and the agents running on the installation’s servers is accomplished with object-oriented Common Object Request Broker Architecture (CORBA) interfaces. Each server hosts an agent specific to the function to be performed (e.g., Web, e-mail, or DNS configuration) and the server software to be configured (e.g., Apache or Netscape). Upon request of the core software, agents perform configuration activities and provide completion information. Any situations that require manual intervention generate job tracking tickets which are managed by the job tracking subsystem.


WEB HOSTING ARCHITECTURES

Automated Web hosting architectures must ultimately reflect customer needs which are constantly growing and changing. Therefore, the most effective platforms are those that give architects the largest number of options. With a range of server products supporting from 1 to 64 processors, Sun provides superior scalability—and scalability means flexibility for service providers. For Web hosting facilities, for example, service providers can choose configurations based on current needs, and scale both vertically and horizontally as customer demand for services grows.

With the power of the Solaris Operating Environment available to them, service providers can choose from a variety of software-based solutions to provide different service levels to different customers. Computing power can be allocated on a per-customer basis using Solaris Resource Manager™ software; bandwidth resources can be managed using Solaris Bandwidth Manager software. Known for its ability to enable ISPs to scale upwards in terms of processing power, Solaris Operating Environment software also enables scaling down—using techniques described in this chapter, service providers can run multiple Web server application instances on the same physical server, enabling a rich set of configuration possibilities. Also, because Solaris Operating Environment software was designed from the ground-up to be networked, administration can be performed remotely. This enables lights-out management and reduces personnel costs.

Web Server Architectures

Beyond the issue of deploying hardware and software to support automated Web hosting environments lies the issue of how to deploy servers to host individual customer sites. Traditional Web hosting environments are deployed using a three-tier model, which can be physically realized in one, two, or three tiers, depending on the size of the installation. The layering of tiers is typically:

• Front-end Web Servers—This tier is usually composed of one or more Web servers that are accessible to clients over the Internet. Servers are often deployed in a load-balancing configuration where a load-balancing switch or software like Resonate’s Central Dispatch (www.resonate.com) is used to direct incoming requests to the least-loaded server. Sun has found that deploying five Web servers strikes a good balance for high-availability services; in the event of a single server failure, the other four servers can service the same workload without a dramatic performance degradation. As the workload increases, these five servers can be scaled vertically by configuring additional processors in the servers, or by upgrading them to multiprocessor-capable servers.

• Content Server Middle Tier—All of the front-end Web servers access content stored in a middle tier. By storing content in a common location, all of the front-end servers maintain access to the same content without having to be updated individually. The middle tier can take many forms. The simplest form consists of a set of servers configured as a single high-availability (HA) NFS™ server that provides static content to the front-end Web servers. More sophisticated is a configuration that provides dynamic content with an application server specially tuned for the purpose. And the most sophisticated environments include application servers that interact with transaction and database servers in the back end to enable everything from airline reservations to credit card clearing and customer affinity services.

• Transaction and Database Servers—The back-end transaction and database servers are never accessed by the front-end Web servers; instead they are accessed through application servers. This adds a level of security between the services provided to authorized users on the Internet and the raw data and transaction access handled at the deepest layer of the network. For example, if a transaction server capable of handling stock purchases were configured in this tier, the application server (one tier closer to the customer) would be required to implement the business logic to determine—among other things—whether the customer has sufficient funds to make the transaction.

Although multi-tier architectures can seem quite complex, they offer superior scalability, performance, and availability. Each tier can be scaled in the manner best suited to its function: Web servers can be scaled horizontally to provide greater availability, while database servers can be made highly available through the use of server clusters. Additionally, the multi-tier model naturally supports geographically distributed sites.
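The rule that back-end servers are reached only through application servers can be checked mechanically against a site's allowed network flows. The following is an added example, not part of the white paper or of any Sun product: the tier names come from the text above, while the flow lists and function names are constructed for illustration.

```python
"""Audit allowed network flows against the three-tier model (added example)."""
from collections import deque

# Tier names follow the white paper; all flow data below is constructed.
INTERNET, WEB, CONTENT, APP, DB = "internet", "web", "content", "app", "db"

# Flows the model permits, as (source tier, destination tier).
MODEL = {
    (INTERNET, WEB),  # clients reach only the front-end Web servers
    (WEB, CONTENT),   # front ends read shared content (e.g. over NFS)
    (WEB, APP),       # front ends ask application servers for dynamic content
    (APP, DB),        # only application servers talk to the back end
}

# Constructed sample: the model plus one rule added later, e.g. for backups.
DRIFTED = sorted(MODEL) + [(CONTENT, DB)]


def direct_violations(flows):
    """Return the flows that the three-tier model does not permit, sorted."""
    return sorted(set(flows) - MODEL)


def path_bypassing_app(flows, src=INTERNET, dst=DB, guard=APP):
    """Return a path from src to dst that never crosses `guard`, or None.

    Breadth-first search over the allowed flows with the guard tier removed.
    If the database tier is still reachable, some chain of rules lets traffic
    reach the back end without passing the application tier's business logic.
    """
    graph = {}
    for a, b in flows:
        if guard not in (a, b):
            graph.setdefault(a, []).append(b)

    parent = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1]
        for nxt in sorted(graph.get(node, [])):
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return None


if __name__ == "__main__":
    print("violations:", direct_violations(DRIFTED))
    print("bypass path:", path_bypassing_app(DRIFTED))
```

The path search matters because a single extra rule between two inner tiers can expose the back end indirectly even when no rule names the Web servers and the database together.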

Example Configurations

This section depicts how a service provider can deploy Sun servers to grow from the simplest, two-tier architecture to a highly available, three-tier configuration that accommodates growth in the automated Web hosting business. These examples illustrate the use of carrier-grade Netra t1 and Sun Enterprise™ 250 servers.

• Netra t1 Servers—Designed with the help of service providers with features that facilitate use in rack-mount, lights-out environments, Sun’s Netra server products are based on the robust, scalable SPARC™ and Solaris Operating Environment. These servers continue Sun’s long tradition of binary compatibility across its entire product line. The Netra t1 is Sun’s newest low-end, rack-mounted server. Requiring only one rack-unit height, up to 40 of these servers can be stacked in a standard 72-inch rack. The Netra t1 server can be configured with up to a 440 MHz UltraSPARC™ IIi processor, 1 GB of main memory, two hot-swappable 18 GB disk drives, and an internal CD drive. The Netra t1 server comes standard with two 10/100 Mbps Ethernet interfaces, which facilitates using it as a low-cost firewall. The server can be expanded further with interface cards installed in its single PCI bus slot. The Netra t1 server is designed for ease of serviceability, with hot-swappable disks accessible from the front panel, and all cabling on the back panel. In the event of a failure, the unit can be swapped out while its externally-accessible host-ID module is moved to the new server so that only a brief interruption in software licenses is encountered.

• Sun Enterprise 250 Servers—The Sun Enterprise 250 server is a versatile mid-range server designed to deliver superior scalability and reliability at an affordable price. The rack-mountable tower server’s blend of computing power, expandability, disk I/O throughput, network I/O performance, and remote monitoring features make it perfect for running back-end software for ISP installations that require robust application servers, databases, and NFS server services. The Sun Enterprise 250 server supports up to two 250-MHz, 300-MHz or 400-MHz UltraSPARC-II processors, 2 GB of memory, six internal 18-GB UltraSCSI-3 disk drives, and four high-performance PCI I/O buses that can move over 350 MB of data per second. Because of its remote monitoring capability and other RAS features, the Sun Enterprise 250 server meets the strict requirements of ISP installations.


SINGLE FRONT-END SERVER

A simple Web hosting architecture uses a single front-end Web server and a single back-end NFS server for storing content (Figure 4). The illustration shows a single Netra t1 server-based firewall protecting the Web server by allowing only NFS server traffic between it and the content storage networks. A Netra t1 server is used as the front-end Web server, and a single-processor Sun Enterprise 250 server with internal disks is used to provide content via the NFS server.

This architecture prepares a service provider for rapid growth. The Web server layer is best scaled horizontally until five servers are configured, so uniprocessor servers are used at this level. The content storage network is scaled horizontally and vertically as demand grows from the Web servers, so the expandable Sun Enterprise 250 server is used here.

[Figure 4: diagram. Labels: Internet; Netra t1 server-based Firewall; Netra t1 server-based Web Server; Web Servers; Sun Enterprise 250 Content Server; Content Storage.]

Figure 4. Web server with separate content storage network for ease of scaling

MULTIPLE FRONT-END SERVERS

A significantly scaled-up version of the simple configuration uses five front-end Web servers, an HA NFS cluster in the content network, and an application server tuned for providing dynamic content (Figure 5). The HA NFS cluster is built using dual-processor Sun Enterprise 250 servers and dual-ported Sun StorEdge™ D1000 disk storage devices.

The Web servers are horizontally scaled with five Netra t1 systems that each host exactly the same Web server application. Load is shared across the servers by running Resonate’s Central Dispatch Primary Scheduler on one server, with a Backup Scheduler configured on another server. Central Dispatch is a software load-balancing product that enables all Web traffic to be directed to a single server which—through patented TCP Hop technology—translates addresses and ports to re-direct requests to different servers in the network based on configurable parameters. This configuration results in a good balance of performance and availability that automatically adjusts to quickly-changing workloads and the possibility of a server failure.

Sun’s experience using Central Dispatch in a cluster of Sun Enterprise™ 4000 servers is that it requires minimal resources on one server to handle the translation and redirection of requests. Central Dispatch plays a key role in facilitating the highly-scalable software configurations discussed in the next section.


[Figure 5: diagram. Labels: Internet; Netra t1 server-based Firewall; Web Servers; HA NFS Content Server based on StorEdge Storage; Custom-Tuned Application Server; Content Storage.]

Figure 5. Web hosting environment scaled up to five front-end Web servers, HA NFS content storage, and separate, custom-tuned application server.

The content storage network is scaled from the simple example by expanding the single NFS server into a high-availability cluster where dual, redundant servers and storage devices help ensure that no single hardware failure can take the NFS server service out of operation. In addition, a separate server is configured to provide dynamic content to the Web servers. By decomposing services onto separate servers, providers can tune each one specifically to perform optimally for the task at hand.


FULL THREE-TIER CONFIGURATION

Beyond the two-tier implementation lies a variety of custom-designed architectures that might include the addition of dedicated Web server clusters configured for individual customers; back-end database servers; back-end transaction servers; and HA configurations of application servers. Some of these features are illustrated in Figure 6.

[Figure 6: diagram. Labels: Internet; Netra t1 server-based Firewall; Web Servers; HA Application Server; HA NFS Content Server; Content Storage; HA Database Server; Database.]

Figure 6. Full three-tier Web server configuration illustrating a high-availability application server in the middle tier, and an HA database server in the back end. The power of the content storage tier can support several more front-end Web servers if desired.

As business continues to grow, service providers often consider multiprocessor Sun Enterprise servers, with up to 64 processors per system. These choices balance the desire to have fewer servers to reduce maintenance costs, with the desire to have enough servers to configure high-availability clusters. Some of Sun’s largest service provider customers use Sun Enterprise 10000 (Starfire) servers to provide services to their customers. The Starfire server provides the ultimate reliability, availability, and serviceability (RAS) features that minimize maintenance and administration costs. The Starfire server’s Dynamic Systems Domains feature enables sets of processors, memory, and I/O devices to be grouped into separate, electrically-isolated systems, each with its own copy of the Solaris Operating Environment and server software. The combination of RAS features with dynamic system domains enables service providers to configure high-availability clusters and dedicated Web servers for customers all in a single, easily-managed package.

Web Server Application Configurations

Most automated Web hosting facilities offer a variety of different service plans and packages, including vanity site hosting, e-commerce site hosting, and dedicated hosting. Microsoft Windows NT-based Web servers have limited scalability and limited configuration options, so service providers must deploy more servers in order to offer a full range of configuration options for users. The result is an undesirable proliferation of servers that ultimately results in high costs of ownership.

Symmetric multiprocessing Sun servers enable software configurations that provide the benefits of multiple service packages—and even dedicated Web server applications—all in a single, easily-managed server. There are three options for hosting Web services that can host multiple Web server applications on a single server.

Shared Application, Shared Server

The simplest and most cost-effective means of Web site hosting is to configure the Web server application to host a virtual domain for every Web site on a shared server. A single Web server application can host a large number of virtual domains, and Solaris Operating Environment software enables the support of up to 8192 IP addresses per network interface—and even more sites can be hosted on a single server by configuring Web server applications to listen on different ports. The shared-application, shared-server model can be extended to multiple servers in an HA configuration by simply deploying each physical server with the same Web server application software and configuration files.

The shared-application, shared-server configuration can also be extended to support several Web server applications on each physical server, enabling service providers to utilize a different Web server application configuration for each service package offered to users. For example, an entry-level package to support vanity sites can be configured to deliver only static content and a limited number of pre-configured CGI scripts for counters and visitor logs. Another instance of the Web server application can be configured to support shopping carts and credit card billing. Customer sites can be configured into the Web server application depending on the service package that was purchased.

Multiple Web server applications per physical server can be accomplished by using load-balancing software or switches to map incoming client requests for port 80 (HTTP) to the port number corresponding to the Web server application supporting the client (Figure 7). For example, if a Web server application is configured to listen on port 8090, the load balancing software maps incoming requests for port 80 to the IP address of the least-loaded server and port 8090.
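The port-mapping decision described above can be written out as a small dispatcher. This is an added example, not code from the white paper or from Central Dispatch: the three ports are those shown in Figure 7, while the site names, server pool, and the choice to refuse anything that does not arrive on port 80 for a known site are assumptions made for illustration.

```python
"""Port-mapping dispatch for several Web server applications per host (added example)."""

# Ports per service package, as shown in Figure 7.
PACKAGE_PORT = {"vanity": 80, "mid-range": 8080, "premium": 8090}

# Constructed sample data: hosted site -> purchased package.
SITES = {
    "www.example.org": "vanity",
    "shop.example.com": "premium",
}

# Constructed sample pool: address, health, load, and the packages whose
# Web server application instance runs on that physical server.
SERVERS = [
    {"ip": "192.0.2.11", "up": True, "load": 0.72, "packages": {"vanity", "premium"}},
    {"ip": "192.0.2.12", "up": True, "load": 0.31, "packages": {"vanity", "mid-range"}},
    {"ip": "192.0.2.13", "up": False, "load": 0.05, "packages": {"vanity", "premium"}},
    {"ip": "192.0.2.14", "up": True, "load": 0.40, "packages": {"premium"}},
]


def normalize_host(host_header):
    """Lower-case a Host header and drop any port and trailing dot."""
    host = host_header.strip().lower()
    if not host or host.startswith("["):  # empty, or an IPv6 literal
        return None
    host = host.split(":", 1)[0].rstrip(".")
    return host or None


def map_request(host_header, dst_port, servers=SERVERS):
    """Return (backend ip, backend port) for a request, or None to refuse it.

    Assumption of this example: clients may only use port 80, so the
    per-package instance ports are reachable through the mapping alone,
    and requests for sites that are not provisioned are refused.
    """
    if dst_port != 80:
        return None
    package = SITES.get(normalize_host(host_header))
    if package is None:
        return None
    candidates = [s for s in servers if s["up"] and package in s["packages"]]
    if not candidates:
        return None
    # Least-loaded server wins; the address breaks ties deterministically.
    best = min(candidates, key=lambda s: (s["load"], s["ip"]))
    return best["ip"], PACKAGE_PORT[package]


if __name__ == "__main__":
    for host, port in [("www.example.org", 80), ("Shop.Example.com:80", 80),
                       ("shop.example.com", 8090), ("unknown.example.net", 80)]:
        print(host, port, "->", map_request(host, port))
```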

Dedicated Application, Shared Server

An alternative model is to host a dedicated Web server application within a shared environment. This can be done using the port-mapping mechanisms illustrated in Figure 7. This model simplifies management of custom configurations, reduces support costs, provides HA features inherent in the multiple, shared server architecture, and lowers the incremental costs of performance management.

[Figure 7: diagram. Labels: Internet; Premium Server Site Request, Port 80; Vanity Site Request, Port 80 (HTTP); Load-Balancing Device or Software With Port Mapping Capability; Port 80, Vanity Site Web Server Application; Port 8080, Mid-Range Web Server Application; Port 8090, Premium Web Server Application.]

Figure 7. Load balancing mechanisms (hardware or software) can be used to map IP addresses and ports so that multiple instances of Web server applications can be hosted on the same physical server.

The dedicated application, shared server environment can be managed using Solaris Resource Manager software to allocate processing, memory, and I/O resources to Web server applications according to the contracted level of service; Solaris Bandwidth Manager can be used to control the bandwidth used by each Web server application in the shared environment; meanwhile, Resonate’s Central Dispatch performs high-level load-balancing tasks. This combination of resource, bandwidth, and load management enables a significantly higher level of flexibility and control than the dedicated hosting model—at a much lower cost.

Larger service providers need to offer customers the option of dedicated servers, which are attractive because they offer the appearance of excellent performance, availability, and bandwidth. Dedicated hosting begins with a higher cost model than shared hosting, and when the cost of adding HA features—including redundant servers—is added to the picture, they can become prohibitively expensive. They are more difficult for service providers to maintain given the number of additional servers for which software upgrades must be managed. Finally, performance and scalability are limited by the dedicated resource, while bandwidth is still usually shared in the service provider network.

Dedicated Application and Server

When very large customers absolutely require dedicated Web server applications on dedicated servers, the resource requirements typically dictate the use of large multiprocessor servers. Because Web server applications are moderately scalable, and because the Solaris Operating Environment enables highly effective use of each processor, between 1 and 8 UltraSPARC CPUs can be allocated to each Web server application.

When service providers host a few of these customers, the benefits of Sun’s Starfire server platform and dynamic system domains begin to outweigh all other hosting options. Large, dedicated customers can be easily managed by assigning one server per domain, and as workloads shift, the allocation of processors to domains can be adjusted dynamically. And with hot-swappable processors, memory, and I/O devices, customer sites can be upgraded with no interruption in service.


For More Information

This chapter has covered some of the highlights of configuring servers and Web server applications for automated Web hosting environments. There are many other details which should be considered in designing a complete hosting environment, including the use of separate administration networks and terminal servers for accessing console ports. This is an area worthy of an entire paper, and more details can be found in Sun’s white paper entitled: “Internet Service Provider Configuration Guidelines, v2.5,” available from local Sun offices.


CONCLUSION

The market for automated Web hosting facilities is in its infancy, yet it is a critical area for local and regional ISPs to address. Local and regional service providers have been successful because they provide superior service to their customers—and one challenge in keeping their customers is to offer automated Web hosting services that give customers more control over their accounts than competitors that require a phone call to change server configuration parameters.

Service providers have a choice in how they provide automated Web hosting facilities. They can integrate public-domain and custom software components, or deploy an out-of-the-box solution like Evolutionware from Systemsfusion. Regardless of the solution, service providers—who already use Sun servers 75 percent of the time—will find that the most reliable, scalable, and flexible platforms on which to implement their services are those from Sun Microsystems.

With the ability to scale down to multiple Web server applications per server and scale up to many processors per Web server application, Sun offers a large set of choices for automated Web site installations. Whether the choice is to use rack-mounted, carrier-grade Netra servers and storage, or stand-alone data center-ready servers like the Sun Enterprise 10000 server, service providers will find lower costs and increased business when they deploy their service packages on servers from Sun Microsystems.


REFERENCES

Sun Microsystems posts product information in the form of data sheets, specifications, and white papers on its Internet Web page at www.sun.com/. A related white paper of interest to readers is Sun’s Internet Service Provider Configuration Guidelines, v2.5. Please contact your Sun representative for a copy of this document.


HEADQUARTERS

SUN MICROSYSTEMS, INC., 901 SAN ANTONIO ROAD, PALO ALTO, CA 94303-4900 USA
PHONE: 650 960-1300 OR 800 555-9SUN
INTERNET: www.sun.com


© 2000 Sun Microsystems Inc.

RESTRICTED RIGHTS LEGEND: Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19. The products described in this manual may be protected by one or more U.S. patents, foreign patents, or pending applications.

TRADEMARKS Sun, Sun Microsystems, the Sun logo, Sun Enterprise, Starfire, Sun WebServer, Sun Internet Mail Server, Sun Internet FTP Server, Ultra, Solaris, Solaris Resource Manager, Netra, Sun StorEdge, SunScreen, SunScreen EFS, and NFS are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and or other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the United States and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.

THIS PUBLICATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. THIS PUBLICATION COULD INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN; THESE CHANGES WILL BE INCORPORATED IN NEW EDITIONS OF THE PUBLICATION. SUN MICROSYSTEMS, INC. MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE PRODUCT(S) AND/OR THE PROGRAM(S) DESCRIBED IN THIS PUBLICATION AT ANY TIME.

This paper was made possible through the contributions of Steve Gaede, Petrus DuToit, Bruce Baikie, James Baty, Nevo Hadas, James Simon, and Michael Wallace.

Printed in USA 9/99 FE1079-0/2.5K