Hello everyone, I''m just finalising a Rails app I put together for a customer. Without wanting to be at all specific, users upload a big bunch of data, a bunch of analysis goes on behind the scenes and a bunch of graphs and reports are generated as output. I originally intended to simply install it on a server at that customer''s site, but today I found out they have a bit of a reputation for being somewhat (how do I put this...?) "lax" when handling other peoples'' intellectual property. I''m now fairly concerned that, if I put this app onto a box under that customer''s control, it''ll somehow spread to many different systems. Nothing like finding THAT out at the last minute...! The Rails code isn''t a big concern; what is concerning is the analysis code that sits behind all this, which is the result of several years'' work on my part, and I don''t want that to be distributed around. I''m now looking at the option of hosting the app at a service provider site somewhere, and here''s what (I think) I''m now looking for: - in terms of tools, Apache/FastCGI, Rails/Ruby, Postgres and R (a statistical language) are the main requirements. If I could install stuff myself, that''d be a big plus - 24x7 support, including fault resolution to the level of "reboot the box" and/or "replace the hardware", but no more. Some scheduled downtime isn''t a big deal for me, but it may have to be at odd hours as my customer is a multinational with people in several different countries and time zones - someone who will take backups for me, store them offsite in a *secure* facility and restore them for me on request. I''m happy to put together the scripts to do the backup/restore; I just need someone to do the "arms and legs" work... - someone who''ll sign appropriate non-disclosure agreements covering my code (for reasons described above) plus data (some of which may be sensitive). Essentially, I need operations people who will back it up and ship it offsite, but never attempt to look at data or code on pain of a lawsuit. That reminds me, got to find a lawyer too... - (probably) my own dedicated box. I haven''t done any real hardware requirements analysis yet, but I suspect I need a dedicated box that is reasonably powerful to run this app. My dev box is fast enough, but also pretty powerful (4 Xeon CPUs, 16Gb RAM, ...) and I haven''t done any testing on lower-powered gear yet to know exactly what I need Anyone got any recommendations for a suitable hosting company? For all I know, these may be "normal" requirements for a hosting company, but I doubt it. I''m starting to think I may have to host this myself because of the security requirements, but I really don''t want to get into the hosting business... Thanks in advance, and regards Dave M.
David Mitchell <monch1962-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> writes:> - (probably) my own dedicated box. I haven''t done any real hardware > requirements analysis yet, but I suspect I need a dedicated box that > is reasonably powerful to run this app. My dev box is fast enough, > but also pretty powerful (4 Xeon CPUs, 16Gb RAM, ...) and I haven''t > done any testing on lower-powered gear yet to know exactly what I needYou should definitely find out what your server requirements are.> Anyone got any recommendations for a suitable hosting company? For > all I know, these may be "normal" requirements for a hosting company, > but I doubt it. > > I''m starting to think I may have to host this myself because of the > security requirements, but I really don''t want to get into the hosting > business...I think I''d look into collocation. Build yourself a 1U or 2U server that can handle your workload. Find someplace local to rent some rack space. Pretty much every collocation facility has an option to do tape rotation for you. For 1U, expect to pay on the order of $300 or so for rack space plus tape rotation. Another option is to forgo the tape rotation. I''m more a fan of hard disk backups. Use some form of RAID or mirroring in your server. Personally, I just have two hard identical disks partitioned the same. Every morning I rsync one drive to the other from cron. I also do weekly rsyncs over the network to two other small servers located elsewhere (my house and my partner''s house). Paying someone to do tape rotations is pretty expensive in my opinion. -- doug-jGAhs73c5XxeoWH0uzbU5w@public.gmane.org
On 4/29/05, Doug Alcorn <doug-jGAhs73c5XxeoWH0uzbU5w@public.gmane.org> wrote:> David Mitchell <monch1962-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> writes: > > > - (probably) my own dedicated box. I haven''t done any real hardware > > requirements analysis yet, but I suspect I need a dedicated box that > > is reasonably powerful to run this app. My dev box is fast enough, > > but also pretty powerful (4 Xeon CPUs, 16Gb RAM, ...) and I haven''t > > done any testing on lower-powered gear yet to know exactly what I need > > You should definitely find out what your server requirements are. > > > Anyone got any recommendations for a suitable hosting company? For > > all I know, these may be "normal" requirements for a hosting company, > > but I doubt it. > > > > I''m starting to think I may have to host this myself because of the > > security requirements, but I really don''t want to get into the hosting > > business... > > I think I''d look into collocation. Build yourself a 1U or 2U server > that can handle your workload. Find someplace local to rent some rack > space. Pretty much every collocation facility has an option to do tape > rotation for you. For 1U, expect to pay on the order of $300 or so > for rack space plus tape rotation.iLand.com is one that I''ve used. They provide reasonable prices for colocation in top notch datacenters. I''m sure there are plenty of other companies like them that offer similar services, I just happen to know that one off the top of my head. Just pray you don''t need to use the live support very often, because they charge major bucks for that.... But colocation definitely sounds like the way to go for your requirements.> Another option is to forgo the tape rotation. I''m more a fan of hard > disk backups. Use some form of RAID or mirroring in your server.Repeat after me: "RAID is not backup. RAID is not backup". Ok, good :) Seriously though, there are a million things that can still happen to a RAID array that make it unsuitable for long term backup. If you don''t want to go with tape, get a dual-layer DVD burner and use that. Or rsync over a network and THEN do a dvd burn or tape backup. But do something that you can actually take OUT of the computer and stick somewhere safe (locked, fireproof, etc) Jason
Jason Foreman <threeve.org-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> writes:>> Another option is to forgo the tape rotation. I''m more a fan of hard >> disk backups. Use some form of RAID or mirroring in your server. > > Repeat after me: "RAID is not backup. RAID is not backup". Ok, good :) > > Seriously though, there are a million things that can still happen to > a RAID array that make it unsuitable for long term backup. If you > don''t want to go with tape, get a dual-layer DVD burner and use that. > Or rsync over a network and THEN do a dvd burn or tape backup. But do > something that you can actually take OUT of the computer and stick > somewhere safe (locked, fireproof, etc)I know this is getting off-topic, but... Besides mirroring two disks, I also do incremental rsyncs using hark-links and copy on write. That gives me online daily snapshots for a week. When I rsync offsite, I also do incremental copies. So, I have four weeks online at my off-site location (which has mirrored disks). While I''m pretty paranoid about disk failures, I''m not certain why I should have to put a copy in a firesafe. There''s some spark of pragmatism in me. If I have daily, incremental copies on line and weekly incremental copies online at two locations, why do I need a DVD in a firesafe? http://www.mikerubel.org/computers/rsync_snapshots/ I''ve only had this scheme a little over a year, but so far I''ve only lost about 8 hours worth of email readedness (not actually lost the email, just whether it was read or not) one time. Data loss of anything older than 24 hours requires at least 3 hard disk failures each in different physical locations. My big plus is that I don''t have to buy/manage tapes or take any of _my_ time to perform backups. All I have to do is monitor the disk usage of my snapshot partitions. -- doug-jGAhs73c5XxeoWH0uzbU5w@public.gmane.org
Heya :)> -----Original Message----- > From: rails-bounces-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org [mailto:rails- > bounces-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org] On Behalf Of David Mitchell > Sent: Friday, April 29, 2005 3:04 AM > To: rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > Subject: [Rails] *Secure* Rails hosting? > > I''m starting to think I may have to host this myself because of the > security requirements, but I really don''t want to get into the hosting > business...http://www.ServerBeach.com is a good company for this. They have great customer service and good prices. No need to build your own box, they will dedicate one to you as part of the lease. They won''t sign a special non-disclosure for you (no one will that I know of) but their agreement is pretty tight on your privacy issues. The backup set-up is sweet, they have a dedicated FTP system you can hook up with that lets you put whatever you want on an FTP server at their facility and that server is in a mirror / tape rotation loop. Basically, you back up to that box via FTP - and they handle backing up that box (farm really). You can hard boot your box via a web interface if need be and so on. Soulhuntre ---------- http://www.girl2.com - my girls http://www.the-estate.com - my legacy http://wiki.thegreybook.com - my project http://weblog.soulhuntre.com - my thoughts
On Fri, 29 Apr 2005, David Mitchell wrote:> Anyone got any recommendations for a suitable hosting company? For all > I know, these may be "normal" requirements for a hosting company, but I > doubt it.cari.net - dedicated hosting.. best deal going - you have complete control of your box. --Steve
> I''m now looking at the option of hosting the app at a service provider > site somewhere, and here''s what (I think) I''m now looking for: > - in terms of tools, Apache/FastCGI, Rails/Ruby, Postgres and R (a > statistical language) are the main requirements. If I could install > stuff myself, that''d be a big plusYou need a dedicated host, or better yet, a colocated machine.> - 24x7 support, including fault resolution to the level of "reboot the > box" and/or "replace the hardware", but no more. Some scheduled > downtime isn''t a big deal for me, but it may have to be at odd hours > as my customer is a multinational with people in several different > countries and time zonesPretty standard with colo. Not so much with dedicated hosting, but there are certainly companies that will handle that.> - someone who will take backups for me, store them offsite in a > *secure* facility and restore them for me on request. I''m happy to > put together the scripts to do the backup/restore; I just need someone > to do the "arms and legs" work...Also pretty common, but usually costs a lot.> - someone who''ll sign appropriate non-disclosure agreements covering > my code (for reasons described above) plus data (some of which may be > sensitive). Essentially, I need operations people who will back it up > and ship it offsite, but never attempt to look at data or code on pain > of a lawsuit. That reminds me, got to find a lawyer too...Good luck with that. I''ve never heard of anyone who will do that. If you colocate your machine, then nobody else will have access to it but you. Sure, they''ll have their hands on the actual hardware and the tapes, but you have grounds for a lawsuit anyway if they steal any of that.> - (probably) my own dedicated box. I haven''t done any real hardware > requirements analysis yet, but I suspect I need a dedicated box that > is reasonably powerful to run this app. My dev box is fast enough, > but also pretty powerful (4 Xeon CPUs, 16Gb RAM, ...) and I haven''t > done any testing on lower-powered gear yet to know exactly what I needYou''re going to want to colocate a machine. You own it, nobody has access to it unless you give it to them, etc etc. Plus it''s going to be cheaper than renting/leasing a suitably powerful box.> Anyone got any recommendations for a suitable hosting company? For > all I know, these may be "normal" requirements for a hosting company, > but I doubt it.One recommendation would be to ask around at companies in your area and find out who they use. Most large cities will have at least a few commercial colo facilities. There''s benefits to having your machine hosted where you are. You can go visit it, do hardware maintenance yourself, and whatnot. Plus, if you ever need to move your box, you don''t need to trust other people to do it, you can just go rip it out of the rack and be on your way. Most local ISPs will colo machines, too... and if they don''t explicitly offer it, it''s probably negotiable anyway :)> I''m starting to think I may have to host this myself because of the > security requirements, but I really don''t want to get into the hosting > business...Colocation :) Ben
Hey Dave- I have my own dedicated Debian box with rackforce.com( I am not affiliated) They have done a great job for me so far and they cover every aspect of your list below. After you decide on hardware, they install the base system(whatever linux distro you want) and then hand over the root password to you. You can then go ahead and change the password to whatever you want and they will have no access to your box unless you invite them in. I have installed apache with fcgi as a front end and lighttpd/fcgi as a backend proxied through apache. They have people there 24/7 and since you don''t own the hardware if it fails they just re-image one of your recent backups onto brand new hardware so there is minimal down time. They have many different backup options including offsite incremental backups. They have a secure web interface that you can reboot your physical hardware from if for some reason reboot or shutdown doesn''t work from the command line or whatever. So far the longest it has taken them to respond to one of my questions or minor problems has been 15 minutes. I have no complaints and only praise for their service so far and I give them a hearty recommendation. Good Luck- -Ezra On Apr 29, 2005, at 12:04 AM, David Mitchell wrote:> Hello everyone, > > I''m just finalising a Rails app I put together for a customer. > Without wanting to be at all specific, users upload a big bunch of > data, a bunch of analysis goes on behind the scenes and a bunch of > graphs and reports are generated as output. > > I originally intended to simply install it on a server at that > customer''s site, but today I found out they have a bit of a reputation > for being somewhat (how do I put this...?) "lax" when handling other > peoples'' intellectual property. I''m now fairly concerned that, if I > put this app onto a box under that customer''s control, it''ll somehow > spread to many different systems. Nothing like finding THAT out at > the last minute...! > > The Rails code isn''t a big concern; what is concerning is the analysis > code that sits behind all this, which is the result of several years'' > work on my part, and I don''t want that to be distributed around. > > I''m now looking at the option of hosting the app at a service provider > site somewhere, and here''s what (I think) I''m now looking for: > - in terms of tools, Apache/FastCGI, Rails/Ruby, Postgres and R (a > statistical language) are the main requirements. If I could install > stuff myself, that''d be a big plus > - 24x7 support, including fault resolution to the level of "reboot the > box" and/or "replace the hardware", but no more. Some scheduled > downtime isn''t a big deal for me, but it may have to be at odd hours > as my customer is a multinational with people in several different > countries and time zones > - someone who will take backups for me, store them offsite in a > *secure* facility and restore them for me on request. I''m happy to > put together the scripts to do the backup/restore; I just need someone > to do the "arms and legs" work... > - someone who''ll sign appropriate non-disclosure agreements covering > my code (for reasons described above) plus data (some of which may be > sensitive). Essentially, I need operations people who will back it up > and ship it offsite, but never attempt to look at data or code on pain > of a lawsuit. That reminds me, got to find a lawyer too... > - (probably) my own dedicated box. I haven''t done any real hardware > requirements analysis yet, but I suspect I need a dedicated box that > is reasonably powerful to run this app. My dev box is fast enough, > but also pretty powerful (4 Xeon CPUs, 16Gb RAM, ...) and I haven''t > done any testing on lower-powered gear yet to know exactly what I need > > Anyone got any recommendations for a suitable hosting company? For > all I know, these may be "normal" requirements for a hosting company, > but I doubt it. > > I''m starting to think I may have to host this myself because of the > security requirements, but I really don''t want to get into the hosting > business... > > Thanks in advance, and regards > > Dave M. > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails > >-Ezra Zygmuntowicz Yakima Herald-Republic WebMaster 509-577-7732 ezra-gdxLOakOTQ9oetBuM9ipNAC/G2K4zDHf@public.gmane.org _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
Soulhuntre wrote:> http://www.ServerBeach.com is a good company for this. They have great > customer service and good prices. No need to build your own box, they will > dedicate one to you as part of the lease. They won''t sign a special > non-disclosure for you (no one will that I know of) but their agreement is > pretty tight on your privacy issues.To the OP: please avoid ServerBeach and their bottom-of-the-barrel brethren. They don''t have the admin resources to treat you well, and you *will* be disappointed if anything goes wrong. Disclaimer: I had two separate terrible experiences with ServerBeach, both their fault, both receiving profuse apology, both resulting in 3-5 days downtime for not just the "affected" server, but *every* server on my account. Outrageous and totally unacceptable. Find a local colo that will set up a managed host for you. They will sign NDAs, handle hardware failures and network problems, and make your life worry-free. It comes at a premium to the cheapie hosts cobbling 1Us from refurbished junk, but frankly it''s your business on the line. Best, jeremy
Hello list, Thanks to everyone who responded, both to the list and to me personally. Here''s a summary of the responses, for anyone else who may have a similar question in the future: - backups/restores and reboots on request are pretty much standard fare for colocation arrangements (for anyone like me who didn''t already know this!). You may pay a bit extra for the service, but it''s a fairly nominal amount given the value of your data and every colocation group offers it as a service (probably common sense, but I didn''t know that) - it''ll be very difficult to find anyone willing to sign a non-disclosure agreement covering software and data on a hosted system - Planet Argon, rackforce.com, cari.net, serverbeach.com, "my local ISP" and textdrive.com were all suggested to me as potential colocation partners who would probably be suitable choices I''m still tossing around options at the moment, and am not yet convinced that colocating a box is the best solution for my specific problem. If I do go colo, then I''ll still have some investigation to do about whether to use *BSD or Linux - all my dev and testing has been on Linux to date, but now colo is a possibility it makes sense to consider other options as well. In any case, it''s nice to get a bunch of recommendations should I choose to go down that path. Thanks again Dave M.