4

Being completely new in the webhostingcorner I have a few questions on how to implement/setup a webserver for a SaaS application. I'm about to rent my own server for a new product (CMS) I'm launching in two months. Developing the system wasn't that much of wild ride to me, but a correct way to implement it, is.

So lets say this is my situation:

  • I want to host 10 websites for 8 clients.
  • There are 6 single sites, and two clients have two websites they can manage with my software.
  • The CMS must be placed on the server too, all clients are connecting to 1 system
  • The database must be placed
  • Depending on the contract a client makes, the client gets some storage. How to measure the used storage over the DB, FileSystem and email
  • Clients may not, in any case be able to somehow get outside their directory, but from the CMS directory the CMS must be able to create files and dirs in a clients directory (for templates, imagegalleries, widgets, etc, etc).

I was thinking about something like a dirstructure like this:

./CMS/ [all CMS files]

./Websites/*/ [all websites]

My hostingprovider will install updates to the os (CentOS, latest) and the admin panel (Direct Admin).

Is there anybody with experience on this topic? Or do you have some thoughts about it? please join the conversation since I'm completely new to this.

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
Ben Fransen
  • 143
  • 1
  • 9
  • Hello Ben, have you figured out a solution for the same? If yes would love if you could share some ideas regarding implementation. –  Sep 24 '10 at 16:26
  • I came up with a dedicated server with a specialized PHP config. *I don't know what package/module/thingy my ISP turned off, but I have access from one hosting account to the other from the very root by changing the base dir and adding my CMS to the include_path (on the website accounts). – Ben Fransen Sep 25 '10 at 12:05

5 Answers5

1

Have you considered a virtualization strategy? That way you can easily manage the amount of disk space available for a client. You can make sure clients can't access each others stuff. And you can be prepared to scale out to a more clients by making sure that the virtual machines are automatically installed by a template or from a golden image. If you need more hardware, just add another host and start deploying virtual machines or move already running virtual machines to the new host. Also properly setup virtual infrastructure will enable you to very quickly move virtual machines into a public cloud like Amazon EC2 or RackSpace. If a client of yours gets slashdotted it can be a life safer to just throw that clients virtual servers into the cloud and not have your other clients get bogged down.

0

Without knowing all the details of your actual CMS application it is somewhat hard to advice specifically. But assuming the CMS software has some system in place to differentiate between the clients and what they can access your DirectAdmin system will solve the rest more or less; it is able to chroot the users (keep them in their own directory), measure bandwidth, diskspace usage and enforce quota's. It also installs MySQL I think.

It should pretty much do what you want but with a catch: only if you install your CMS on every client's domain. Which is something you do not want.

So I would look into linking (man ln) your CMS software to each home dir, making it available. Test this - and be VERY AWARE that if I can write to your CMS software I can hack all other clients that use this CMS. So look into setting correct permissions (man chmod / man chown).

You should be able to solve the issues by adding clients to certain groups and giving the webserver user access to some (storage) directories while the clients themselves can not write there.

Matt
  • 295
  • 2
  • 10
  • How would a hosting panel have any idea how to chroot applications? It can't possibly know the requirements an application has, does it chroot complete apache installations? Also what's wrong with installing the CMS multiple times please elaborate – Martin M. Jun 19 '11 at 11:34
0

Personally I'd forget about the about symlinking, disk space is indeed cheap and upgrading the installation of your CMS to a broken state (it will happen) pisses of all your clients at once.

Create one installation per client, I do hope that it's an application feature to manage multiple distinct sites with the CMS and not the OS, it's just the wrong place and I recommend everyone to run not walk away from a product that claims to be able to manage multiple sites but in reality just needs multiple installations.

The Pros:

  • upgrades that break will not piss of all clients at once
  • you can expose new features to a small fraction of clients (yes 1 out of 10 is still viable for this, maybe it's someone you can talk to better than the others and suggest them they take a test drive)
  • if one client breaks the installation because of security bugs no other client will be affected (unless the escalation goes to a deeper level that b0rks the system)
Martin M.
  • 6,428
  • 2
  • 24
  • 42
0

I don't get that shiny new term now widely used on the Internet "SaaS", but... let's join the discution :)

Is your software ready ?

For disk space quotas there are a few possibilities:

  • standard quotas (managed at the filesystem level, let's say on extfs as it is the most common)
  • partitioning / volume management: LVM is very handy to create slices of disk space for the costumers

If I understand you well enought, everybody would get the same software but may be able to add its extra files/themes.

I don't know if it would be a great solution for you but it is possible to mount a reference template (let's say a LVM slice) in read-only mode and mount in write mode a customer disk space on a "theme" or "custom" folder.

This way, all changes you make to the reference template is "deployed" for all your customers.

Tell more about your wishes and needs so that we can add more advices

zecrazytux
  • 639
  • 3
  • 7
0

To get it more like a conversation I'll post a new answer.

SaaS is indeed a new term since a year or two, and rising in popularity. In fact it's just a servicebased contract with your clients. They rent your software to keep up with their competence ;)

My software is almost ready. The interesting parts are all done, the displaymodules (template renderer) needs optimalization, but it's ready for testing.

Can i combine the used quotas in the database with the used diskspace and used emailspace?

The mounting will not be an option since all clients are paying for a unique template. A thing which is a mustrequirement.

Ben Fransen
  • 143
  • 1
  • 9