Motivation and Background

• In Canoga, sharing collections (e.g. a Calendar) will require a WebDAV server, as a collaboration server. See SharingNetworkArchitectures^? for more detail.
• In order to reduce the barriers to entry for adopting Chandler, in particular to obviate the need for a server administrator for the typical Chandler user, we would like to explore an OSAF-hosted WebDAV solution for the initial early adoptors of Chandler.
• The following describes some of the issues and questions as I see them, to be validated and added upon by J�rgen and Lisa for our 7/13 meeting.

Server Product and Hosting Operations

We can break down the server hosting service topic into two major sections:

• Issues around the architecture and features for the Server Product
• Operational hosting issues around providing a WebDAV hosting service

This page touches peripherally on the first issue and focuses on the second.

Assumptions, Issues and Questions

Types of transactions

• Register for an account [web and/or Chandler interface]
• Share a collection [through Chandler]
• Edit and change a collection [through Chandler]
• Modify a collection's permissions including adding "extranet" users to account [through Chandler?]
• Warn and purge inactive users
• Disk quota limitations and enforcement
• Bandwidth metering and limit enforcement
• End-user and admin reports
• Admin-automation functions (e.g. deal with forgotten passwords)

What are the key questions we should be asking in trying to set up a service like this?

• What is required to set up a hosting service like this?
• What are the different approaches we can take?
• What are the fundamental economics of such a hosting operation?
• What else?

Notes from 7/13 meeting:

• Approaches to hosting: Self-managed (i.e. bare minimum colocation services) vs. Outsourced (e.g. Loudcloud provides this service for Eazel). There is actually continuum of services between self-managed and outsourced that we should explore in more detail. If we self-manage, we would minimally need to colocate one or more servers, installed with our server product and a part-time sysadmin to manage the server.
• J�rgen: between 1k and 100k accounts, we no longer can piggy back on the simple Unix authentication process
• Key issue: We are confident that the WebDAV protocol can scale to >100k accounts. This would require hosting the accounts across multiple machines. However, should our OSAF server architecture be designed to be scalable across multiple machines? This a key architecture requirement issue.
• One data point: Sharemation.com is a one machine system that current hosts 50,000 test accounts each with a disk quota of 5MB. Stuart points out reliability on this machine is poor (fails every 5 mins)
  • Actually, reliability on this machine can be very good when the software is stable. With software upgrades to pre-beta software releases it goes through periods of instability. --Lisa

What are the key metrics?

• Key metrics underlying economics of a hosting service: cost of colocation space, bandwidth and storage (+ sys admin salary)
• Anticipated number of accounts: 30-40k
• Bandwidth/account
  • Typical Number of shares/account
  • Typical Number of transactions/share/account
  • Typical Size of transaction
  • We could simply limit bandwidth to something like 100 MB/hour to "answer" this question --Lisa
• Storage space required/account
  • Typical number of shares/account
  • Typical size of collection (share)
  • We could simply limit space to somethign like 10 MB which is more than enough to store a large calendar or several calendars assuming no Powerpoint presentations are attached --Lisa

Size of a Content Item is generally anticipated to be less than 1K. Email attachments provide the biggest variability.

What are the typical administrative functions required to run a hosting service?

• Backup and restore
• Ensure fault-tolerance
• Updating and maintaining software (OS, applications)
• Security:
  • Virus checking
  • Privacy issues
  • Measure to prevent hacking
  • what else?
• "Censorship" support: disabling accounts that are under a legal cloud (e.g. lawsuit for copyright infringement)
• Deal with cases where automation not present or fails (e.g. resend forgotten passwords)
• Admin notifications:
  • Out of disk space
  • Network down
  • Other diagnostics? (intrusion detection?)

-- ChaoLam - 12 Jul 2004