[Micronet] database support

classic Classic list List threaded Threaded
23 messages Options
12
Reply | Threaded
Open this post in threaded view
|

[Micronet] database support

Angela Veomett
Hello Micronet,

My department is planning on re-hauling its database soon, and we were
wondering what people around campus are using the most often.  If your
department uses a database, or if you support database services, can you
reply with a quick message about what you're using/supporting, and why?

Many thanks!

Angela

--
Angela Veomett | Web and Communications | Townsend Center
phone: 510.643.7236 | e-mail: [hidden email]


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Frances Kendall

Angela,

 

IST Database Service provides secure database hosting for Oracle, SQL Server, Postgres and MySQL databases.  These services include both database and system administration to install, patch, monitor and manage backups and recoveries for the database, database software, operating system and hardware.  

 

The Basic MySQL service is a low cost service for groups on campus with simple database needs. The service provides customers with their own MySQL server (or "instance"), tools for them to manage that own instance, and a supported automation system to handle many of the routine database maintenance tasks.   The service is commonly used to house the database of dynamic web sites. The service is appropriate for projects that have, modest storage requirements, and no complex database design issues.  The Basic MySQL is a self-service offering and does not include database consulting hours.  The cost for one instance is $18 per month.

 
IST Database services also offers packaged solutions.  These include 3 environments for each customer, development, QA and production.  Production databases are monitored 7x24 for availability.  The Standard Support package includes four hours of database consulting annually, for support Mon-Fri 8am-5pm.  For the Oracle and SQL Server platforms, Extended Support is available.  Extended Support includes forty-four hours of database consulting annually.  These support hours can be scheduled 7x24.
 

For more information about IST services, contact the IST Technical Account Management unit, [hidden email].

 

best regards,

Frances

 

Frances Kendall

Database Manager

UC Berkeley – Information Services & Technology

2195 Hearst Ave., Berkeley, CA 94120

510-643-5934

 

 

-----Original Message-----
From: Angela Veomett [mailto:[hidden email]]
Sent: Monday, August 23, 2010 3:47 PM
To: [hidden email]
Subject: [Micronet] database support

 

Hello Micronet,

 

My department is planning on re-hauling its database soon, and we were

wondering what people around campus are using the most often.  If your

department uses a database, or if you support database services, can you

reply with a quick message about what you're using/supporting, and why?

 

Many thanks!

 

Angela

 

--

Angela Veomett | Web and Communications | Townsend Center

phone: 510.643.7236 | e-mail: [hidden email]

 

 

 


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Robert McNicholas
Hi Angela,

My department (Electrical Engineering & Computer Sciences) has been
using IST's Oracle Service for a couple years now for our major
applications, and we are very happy with the service.  The staff running
it are top-notch (hi Quin) and support is very responsive.  We
previously ran our own Oracle server, but it is not trivial to support
Oracle.  The migration to IST was not too difficult, and I am really
glad that I don't have to patch Oracle any longer.

We also run our own MySQL server, mostly to support some open-source
apps that require (or just work best with) MySQL.  If you are already
running some Unix/Linux servers, it is pretty easy to set up MySQL, but
then you have to worry about things like backups.  (I can't speak for
Windows servers, sorry.)  The new rates that IST has announced for basic
MySQL service are very attractive, especially if you don't have any
spare servers, storage and a backup plan already in place.  Buying the
service from IST relieves you of the burden of all that.

Here's a link to the IST DB services page:
http://ist.berkeley.edu/services/catalog/database

Hope this helps,

-Rob McNicholas
Dept. of EECS


On 8/25/2010 1:35 PM, Frances Kendall <[hidden email]>  wrote:

> Angela,
>
>  
>
> IST Database Service provides secure database hosting for Oracle, SQL Server, Postgres and MySQL databases.  These services include both database and system administration to install, patch, monitor and manage backups and recoveries for the database, database software, operating system and hardware.  
>
>  
>
> The Basic MySQL service is a low cost service for groups on campus with
> simple database needs. The service provides customers with their own
> MySQL server (or "instance"), tools for them to manage that own
> instance, and a supported automation system to handle many of the
> routine database maintenance tasks.   The service is commonly used to
> house the database of dynamic web sites. The service is appropriate for
> projects that have, modest storage requirements, and no complex database
> design issues.  The Basic MySQL is a self-service offering and does not
> include database consulting hours.  The cost for one instance is $18 per
> month.
>
>  
>
> IST Database services also offers packaged solutions.  These include 3 environments for each customer, development, QA and production.  Production databases are monitored 7x24 for availability.  The Standard Support package includes four hours of database consulting annually, for support Mon-Fri 8am-5pm.  For the Oracle and SQL Server platforms, Extended Support is available.  Extended Support includes forty-four hours of database consulting annually.  These support hours can be scheduled 7x24.
>
>  
>
> For more information about IST services, contact the IST Technical
> Account Management unit, [hidden email] <mailto:[hidden email]>.
>
>  
>
> best regards,
>
> Frances
>
>  
>
> Frances Kendall
>
> Database Manager
>
> UC Berkeley – Information Services & Technology
>
> 2195 Hearst Ave., Berkeley, CA 94120
>
> 510-643-5934
>
>  
>
>  
>
> -----Original Message-----
> From: Angela Veomett [mailto:[hidden email]]
> Sent: Monday, August 23, 2010 3:47 PM
> To: [hidden email]
> Subject: [Micronet] database support
>
>  
>
> Hello Micronet,
>
>  
>
> My department is planning on re-hauling its database soon, and we were
>
> wondering what people around campus are using the most often.  If your
>
> department uses a database, or if you support database services, can you
>
> reply with a quick message about what you're using/supporting, and why?
>
>  
>
> Many thanks!
>
>  
>
> Angela
>
>  
>
> --
>
> Angela Veomett | Web and Communications | Townsend Center
>
> phone: 510.643.7236 | e-mail: [hidden email]
>
>  
>
>  
>
>  
>
>
>
>  
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Erik Klavon
On Wed, Aug 25, 2010 at 01:57:42PM -0700, Robert McNicholas wrote:

> My department (Electrical Engineering & Computer Sciences) has been
> using IST's Oracle Service for a couple years now for our major
> applications, and we are very happy with the service.  The staff running
> it are top-notch (hi Quin) and support is very responsive.  We
> previously ran our own Oracle server, but it is not trivial to support
> Oracle.  The migration to IST was not too difficult, and I am really
> glad that I don't have to patch Oracle any longer.
>
> We also run our own MySQL server, mostly to support some open-source
> apps that require (or just work best with) MySQL.  If you are already
> running some Unix/Linux servers, it is pretty easy to set up MySQL, but
> then you have to worry about things like backups.  (I can't speak for
> Windows servers, sorry.)  The new rates that IST has announced for basic
> MySQL service are very attractive, especially if you don't have any
> spare servers, storage and a backup plan already in place.  Buying the
> service from IST relieves you of the burden of all that.

We've used the postgres service for a couple of years and have been
happy with it. I've interacted with Paul Rivers quite a bit in connection
with that service and can't speak highly enough of my experiences
working with him.

Erik

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Russell Connacher
I want to jump on the bandwagon and express how happy I've been with Database
Services' MySql service and Kellie Hobbs' support.

This is how all of Cal's IT should work!

Robert McNicholas wrote:
> My department (Electrical Engineering & Computer Sciences) has been
> using IST's Oracle Service for a couple years now for our major
> applications, and we are very happy with the service.  The staff running
> it are top-notch (hi Quin) and support is very responsive.  <snip>

Erik Klavon wrote:
> We've used the postgres service for a couple of years and have been
> happy with it. I've interacted with Paul Rivers quite a bit in connection
> with that service and can't speak highly enough of my experiences
> working with him.

--

Russell Connacher                   206 Evans Hall # 2924
Information Systems                 Berkeley, CA 94720-2924
Undergraduate Advising              (510) 643-9892
College of Letters & Science, UCB   [hidden email]

(please consider the environment before printing this email)

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Scot Hacker
On Aug 25, 2010, at 2:22 PM, Russell Connacher wrote:

> I want to jump on the bandwagon and express how happy I've been with  
> Database
> Services' MySql service and Kellie Hobbs' support.


I'm sure the service and support from the database group is excellent  
(I haven't worked with them), but I'm frankly a bit puzzled by the use  
case for a separate database server -- at least for web hosting needs.  
MySQL and Postgres come bundled with virtually every Linux  
distribution. And I take it as a given that anyone hosting one or more  
web sites will use a web hosting control panel system like cPanel or  
Plesk. These systems have excellent tools built in to simplify  
database management, permissions, and provisioning. So for both  
datacenter VMs and colo box arrangements, I would simply use the  
database server that comes with the OS, and the myriad of database  
management tools that come with the hosting control panels.

For Oracle, I can see using the database group's service. For  
extremely high load conditions, I can see using the database group's  
service. But for typical university web sites, what is the use case?  
Why would a department choose to use an external database rather than  
the ones that come with the OS?

Thanks,
Scot

--
Scot Hacker, Webmaster
Knight Digital Media Center
UC Berkeley Graduate School of Journalism
http://kdmc.berkeley.edu
http://twitter.com/kdmcinfo
http://journalism.berkeley.edu









 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Greg Merritt
Scot,

With the hosting, you've got dedicated staff working 24/7/365 to patch/
backup/maintain/support your instance.  Most departments don't have  
the staffing to provide that kind of coverage.  All you need to do is  
toss 'em a chart string, and they give you an IP and a port.  Magic.

Sure beats having 100 IT people each available only ~8/5/240 in 100  
different units each running their own instance, no?  Better service  
to the department for less cost, I'll wager.

We actually see the reverse logic of what you sketch out:  for little  
run-of-the-mill Web back-end databases, dumping it off to IST is an  
excellent fit.  We have other research needs, however, that totally  
outstrip the capacities of TAM-offered services.  In those cases it is  
much more cost-effective for us to run the services in-house.  (We're  
not just guessing -- we've had the conversation.)

-Greg



On Aug 25, 2010, at 2:29 PM, Scot Hacker wrote:

>
> For Oracle, I can see using the database group's service. For
> extremely high load conditions, I can see using the database group's
> service. But for typical university web sites, what is the use case?
> Why would a department choose to use an external database rather than
> the ones that come with the OS?


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

paul rivers
In reply to this post by Scot Hacker
On 08/25/2010 02:29 PM, Scot Hacker wrote:

> On Aug 25, 2010, at 2:22 PM, Russell Connacher wrote:
>
>> I want to jump on the bandwagon and express how happy I've been with  
>> Database
>> Services' MySql service and Kellie Hobbs' support.
>
>
> I'm sure the service and support from the database group is excellent  
> (I haven't worked with them), but I'm frankly a bit puzzled by the use  
> case for a separate database server -- at least for web hosting needs.  
> MySQL and Postgres come bundled with virtually every Linux  
> distribution. And I take it as a given that anyone hosting one or more  
> web sites will use a web hosting control panel system like cPanel or  
> Plesk. These systems have excellent tools built in to simplify  
> database management, permissions, and provisioning. So for both  
> datacenter VMs and colo box arrangements, I would simply use the  
> database server that comes with the OS, and the myriad of database  
> management tools that come with the hosting control panels.
>
> For Oracle, I can see using the database group's service. For  
> extremely high load conditions, I can see using the database group's  
> service. But for typical university web sites, what is the use case?  
> Why would a department choose to use an external database rather than  
> the ones that come with the OS?
>
> Thanks,
> Scot
>


What you suggest certainly is a viable option.  If that works for you,
why not do that.

On the other hand in my time at UCB, I've been at the console of a
number of different departmental machines trying to rescue a failed
MySQL instance that did not have adequate (or even any) valid backups.
Sometimes, the data can be salvaged, and sometimes not.  I've also seen
a number of installations of especially MySQL that had serious security
issues.  None of these are hard to solve, but solving them -- just like
verifying backups -- takes time.

So it comes down to how a department wants to spend their time.

I would argue that spending it on managing commodity computing resources
is not time well spent.  They'd be better off putting their time into
IT-related projects specific to that department that simply cannot be
centralized.

Regards,
Paul


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Tom Holub
In reply to this post by Scot Hacker
On 8/25/10 2:29 PM, Scot Hacker wrote:

> On Aug 25, 2010, at 2:22 PM, Russell Connacher wrote:
>
>> I want to jump on the bandwagon and express how happy I've been with
>> Database
>> Services' MySql service and Kellie Hobbs' support.
>
>
> I'm sure the service and support from the database group is excellent
> (I haven't worked with them), but I'm frankly a bit puzzled by the use
> case for a separate database server -- at least for web hosting needs.
> MySQL and Postgres come bundled with virtually every Linux
> distribution. And I take it as a given that anyone hosting one or more
> web sites will use a web hosting control panel system like cPanel or
> Plesk. These systems have excellent tools built in to simplify
> database management, permissions, and provisioning. So for both
> datacenter VMs and colo box arrangements, I would simply use the
> database server that comes with the OS, and the myriad of database
> management tools that come with the hosting control panels.
>
> For Oracle, I can see using the database group's service. For
> extremely high load conditions, I can see using the database group's
> service. But for typical university web sites, what is the use case?
> Why would a department choose to use an external database rather than
> the ones that come with the OS?

There are a number of issues being conflated here.

First, I think the terminology of the original posting has sent this
discussion in the wrong direction (or at least, in a direction which
doesn't answer the original question).  The user is not really asking
about database hosting, she's asking about application development.  I
happen to know that they currently have FileMaker applications, and the
question is, if you're not developing in FileMaker, what are you using
and how are you doing it?  Obviously, a SQL hosting solution is only a
small part of the answer to that question.

To Scot's point, what's generally needed by campus departments is a
cheap, featureful web hosting environment.  The campus doesn't have one,
so many departments are running their own (though that's not cheap).
Scot's question is, if you're already running the web server, why not
run the database server on the same host?  But that's the wrong question
to be asking--the question is, if your need is for commodity hosting,
why run the server in the first place when there is so much cheap
commodity hosting available?

--
Tom Holub ([hidden email], 510-642-9069)
Director of Computing, College of Letters & Science
101.D Durant Hall
<http://LS.berkeley.edu/lscr/>

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Scot Hacker
In reply to this post by paul rivers

On Aug 25, 2010, at 2:42 PM, paul rivers wrote:

> I would argue that spending it on managing commodity computing  
> resources
> is not time well spent.  They'd be better off putting their time into
> IT-related projects specific to that department that simply cannot be
> centralized.


Good points all. I recognize that different departments have different  
degrees of tech support available to them.

 From my perspective, on the two general web hosting servers I manage,  
one runs 227 mysql databases, the other 112. I spend very, very little  
time managing or even thinking about databases. Dbs are set up by  
users through their web hosting control panels, and backed up with a  
mysqldump script run from crontab (dump files then get backed up with  
the rest of the system):

http://dpaste.com/hold/234070/

It's not like my department is "paying me" to spend significant  
amounts of time managing mysql installations. The database servers get  
upgraded automatically when the hosting control panels are upgraded  
(which itself happens automatically). And database security issues are  
almost always a matter of poor web application programming (which is a  
separate discussion).

On Aug 25, 2010, at 2:44 PM, Tom Holub wrote:

> To Scot's point, what's generally needed by campus departments is a
> cheap, featureful web hosting environment.  The campus doesn't have  
> one,
> so many departments are running their own (though that's not cheap).

This is indeed a mystery to me. cPanel licenses are free to .edu, and  
take most of the work out of setting up, managing, and keeping web  
hosting environments secure. It's  difficult for me to understand why  
the datacenter doesn't provide cPanel setups as one of their VM  
template options. Talk about a massive time and money saver...

./s


--
Scot Hacker, Webmaster
Knight Digital Media Center
UC Berkeley Graduate School of Journalism
http://kdmc.berkeley.edu
http://twitter.com/kdmcinfo
http://journalism.berkeley.edu









 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Graham Patterson
In reply to this post by Tom Holub


Tom Holub wrote:

> There are a number of issues being conflated here.
>
> First, I think the terminology of the original posting has sent this
> discussion in the wrong direction (or at least, in a direction which
> doesn't answer the original question).  The user is not really asking
> about database hosting, she's asking about application development.  I
> happen to know that they currently have FileMaker applications, and the
> question is, if you're not developing in FileMaker, what are you using
> and how are you doing it?  Obviously, a SQL hosting solution is only a
> small part of the answer to that question.

In that case MySQL or Postgres may be a little too much database, and
not enough interface.

> To Scot's point, what's generally needed by campus departments is a
> cheap, featureful web hosting environment.  The campus doesn't have one,
> so many departments are running their own (though that's not cheap).
> Scot's question is, if you're already running the web server, why not
> run the database server on the same host?  But that's the wrong question
> to be asking--the question is, if your need is for commodity hosting,
> why run the server in the first place when there is so much cheap
> commodity hosting available?

I'd say that's fair. We have around 35 domain names (OK, some are
.com/.org equivalents) not including the dev/stage instances, so it is
worth our while running a web/database system because the incremental
cost of the database on an existing server and backup capacity is low.
But we are borderline at that when I last looked at the numbers. It will
be interesting to see where we stand when the hardware is up for
replacement. Though, as I alluded at this morning's meeting, the purely
technical/financial consideration is not the only one on the table when
these things are decided.


Graham
--
Graham Patterson, Systems Administrator
Lawrence Hall of Science, UC Berkeley   510-643-2222
"...past the Tyranosaurus, the Mastodon, the mathematical puzzles, and
the meteorite..." - directions to my office.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Angela Veomett
In reply to this post by Tom Holub
Hello All,

This has actually been extremely helpful for us in framing the issues
surrounding our database problems.  Our immediate needs are for
replacing our FileMaker database (do we create another FileMaker
database?  move to something else?), but we intend to have this database
eventually interface with a new website that will likely be
database-driven itself.  It's likely that our choice for application
development will be based partly on hosting/support solutions that are
available to us.

This is also a good example for the issues surrounding OE and its
implementation in the future - which we should be talking about now,
when we have the ability to provide some input and discuss the reasoning
behind OE's goals.

Best,
Angela

Angela Veomett | Web and Communications | Townsend Center
phone: 510.643.7236 | e-mail: [hidden email]



Tom Holub wrote:

> On 8/25/10 2:29 PM, Scot Hacker wrote:
>  
>> On Aug 25, 2010, at 2:22 PM, Russell Connacher wrote:
>>
>>    
>>> I want to jump on the bandwagon and express how happy I've been with
>>> Database
>>> Services' MySql service and Kellie Hobbs' support.
>>>      
>> I'm sure the service and support from the database group is excellent
>> (I haven't worked with them), but I'm frankly a bit puzzled by the use
>> case for a separate database server -- at least for web hosting needs.
>> MySQL and Postgres come bundled with virtually every Linux
>> distribution. And I take it as a given that anyone hosting one or more
>> web sites will use a web hosting control panel system like cPanel or
>> Plesk. These systems have excellent tools built in to simplify
>> database management, permissions, and provisioning. So for both
>> datacenter VMs and colo box arrangements, I would simply use the
>> database server that comes with the OS, and the myriad of database
>> management tools that come with the hosting control panels.
>>
>> For Oracle, I can see using the database group's service. For
>> extremely high load conditions, I can see using the database group's
>> service. But for typical university web sites, what is the use case?
>> Why would a department choose to use an external database rather than
>> the ones that come with the OS?
>>    
>
> There are a number of issues being conflated here.
>
> First, I think the terminology of the original posting has sent this
> discussion in the wrong direction (or at least, in a direction which
> doesn't answer the original question).  The user is not really asking
> about database hosting, she's asking about application development.  I
> happen to know that they currently have FileMaker applications, and the
> question is, if you're not developing in FileMaker, what are you using
> and how are you doing it?  Obviously, a SQL hosting solution is only a
> small part of the answer to that question.
>
> To Scot's point, what's generally needed by campus departments is a
> cheap, featureful web hosting environment.  The campus doesn't have one,
> so many departments are running their own (though that's not cheap).
> Scot's question is, if you're already running the web server, why not
> run the database server on the same host?  But that's the wrong question
> to be asking--the question is, if your need is for commodity hosting,
> why run the server in the first place when there is so much cheap
> commodity hosting available?
>
>  

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Scot Hacker
In reply to this post by Tom Holub
On Aug 25, 2010, at 2:44 PM, Tom Holub wrote:

> run the database server on the same host?  But that's the wrong  
> question
> to be asking--the question is, if your need is for commodity hosting,
> why run the server in the first place when there is so much cheap
> commodity hosting available?

To answer this part of Tom's question, the two main obstacles to using  
outside vendors for "commodity" hosting are:

1) Restricted data requirements - if any server contains data that  
falls under this umbrella, the server must reside on campus.

2) The indemnification clause gotcha - Regents' Standing Order  
100.4.dd.9, which  forbids departments from indemnifying the acts of  
third parties. It's very hard to find outside vendors whose service  
agreements are compatible with the standing order. I understand the  
order is being reconsidered, but don't have any details. But until  
it's re-written, departments who need to go strictly by the book can't  
use "move-in-ready" outside web  hosting or VPS providers.

Forgive me if I've gotten any of that wrong - I'm not a legal beagle,  
just going on what I've been able to piece together from various  
situations. Maybe someone with more knowledge on this can fill in the  
details.

./s


--
Scot Hacker, Webmaster
Knight Digital Media Center
UC Berkeley Graduate School of Journalism
http://kdmc.berkeley.edu
http://twitter.com/kdmcinfo
http://journalism.berkeley.edu









 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Erik Klavon
In reply to this post by Scot Hacker
On Wed, Aug 25, 2010 at 03:04:42PM -0700, Scot Hacker wrote:

> On Aug 25, 2010, at 2:42 PM, paul rivers wrote:
> > I would argue that spending it on managing commodity computing  
> > resources
> > is not time well spent.  They'd be better off putting their time into
> > IT-related projects specific to that department that simply cannot be
> > centralized.
>
> Good points all. I recognize that different departments have different  
> degrees of tech support available to them.
>
>  From my perspective, on the two general web hosting servers I manage,  
> one runs 227 mysql databases, the other 112. I spend very, very little  
> time managing or even thinking about databases. Dbs are set up by  
> users through their web hosting control panels, and backed up with a  
> mysqldump script run from crontab (dump files then get backed up with  
> the rest of the system):
>
> http://dpaste.com/hold/234070/
>
> It's not like my department is "paying me" to spend significant  
> amounts of time managing mysql installations. The database servers get  
> upgraded automatically when the hosting control panels are upgraded  
> (which itself happens automatically). And database security issues are  
> almost always a matter of poor web application programming (which is a  
> separate discussion).
>
> On Aug 25, 2010, at 2:44 PM, Tom Holub wrote:
>
> > To Scot's point, what's generally needed by campus departments is a
> > cheap, featureful web hosting environment.  The campus doesn't have  
> > one,
> > so many departments are running their own (though that's not cheap).
>
> This is indeed a mystery to me. cPanel licenses are free to .edu, and  
> take most of the work out of setting up, managing, and keeping web  
> hosting environments secure. It's  difficult for me to understand why  
> the datacenter doesn't provide cPanel setups as one of their VM  
> template options. Talk about a massive time and money saver...

Based on what Scot has reported, it sounds like he may have arrived at
a solution worth exploring further. Scot, on what terms do you think
it would be possible to provide the service you've created to other
departments on campus? How much do you think it would cost to fund
such a service?

Erik

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Scot Hacker
On Aug 25, 2010, at 11:01 PM, Erik Klavon wrote:

> Based on what Scot has reported, it sounds like he may have arrived at
> a solution worth exploring further. Scot, on what terms do you think
> it would be possible to provide the service you've created to other
> departments on campus? How much do you think it would cost to fund
> such a service?

I'm not in a position to estimate labor costs for the DC, but there  
shouldn't be any material costs involved. The investment would be in  
time for someone at the datacenter to get trained on cPanel system  
management, then to experiment with and establish a cPanel/WHM VM  
template. Some support staff at the datacenter would also need  
training or expertise. There are tons of resources out there, and a  
thriving community of administrators to lean on, in addition to very  
good documentation. There should not be any licensing fees. It would  
be up to the data center to estimate costs based on labor needs.

 From the university-level view, that expense should be weighed  
against time and labor savings for all the campus departments with  
hosting needs but limited support personnel.  Every hour spent  
manually wrestling with Apache, setting up database servers (or paying  
separately for database hosting from the database group), creating  
mailing list systems, establishing disk or bandwidth quotas,  
installing SSL certificates, creating firewall systems that auto-
detect and block bad behavior across all web forms and URLs, ssh/sftp  
attempts, brute force attempts, and mail systems, configuring,  
customizing and training spamassassin,  tools to provide one-click  
setup for blogs and wikis and bulletin boards and learning management  
systems and photo galleries, recompiling apache/php when the need  
arises, installing and configuring monitoring systems, and so on and  
so on... these are all things that are basically taken care of with a  
modern web hosting control panel. That wheel has been invented  
already, and has matured for a decade.  Even if a server is only  
hosting a single domain, I won't do it without cPanel - it saves me so  
much time in the long run that it's worth the small additional effort  
up front.

In the commercial web hosting world, you have to  try really hard to  
find a company that will sell you hosting *without* a control panel.  
It's the inverse situation here. Doesn't need to be.

If anyone would like a tour of our WHM/cPanel system, I'd be happy to  
sit down for a walk-through.

Scot

--
Scot Hacker, Webmaster
Knight Digital Media Center
UC Berkeley Graduate School of Journalism
http://kdmc.berkeley.edu
http://twitter.com/kdmcinfo
http://journalism.berkeley.edu









 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Bill Clark
In reply to this post by Angela Veomett
I have always been hesitant to grant administrative control through a web
interface, on any of the systems I've managed.  Granted a lot of these
results are outdated, but a quick Google search for "cpanel security
holes" will give one pause:

http://www.google.com/search?aq=2&oq=cpanel+security&sourceid=chrome&ie=UTF-8&q=cpanel+security+holes

I have similar issues with installing tools like webmin that may make
remote administration easier, but which open up root-level access to the
system over a web connection.  Ease of administration may result in a
bigger security headache for the IS&T UNIX team, which could potentially
increase costs to the point that solutions like cpanel simply aren't
cost-effective.

The security risks can be somewhat mitigated through methods like "jailed"
environments and other tricks employed by commodity hosting services, but
those also add to the administrative cost.  The security implications for
a campus-wide shared environment are also very different than for what
might be appropriate at a departmental level.

All that said, I'm by no means an expert on shared web hosting
environments or their associated administrative toolkits (or on cpanel in
particular) so I guess my only realy point is that there might be a lot
more considerations to factor in than just the cost of setting up cpanel
and providing training.

-Bill Clark
Systems Unit
Graduate Division

> On Aug 25, 2010, at 11:01 PM, Erik Klavon wrote:
>> Based on what Scot has reported, it sounds like he may have arrived at
a solution worth exploring further. Scot, on what terms do you think it
would be possible to provide the service you've created to other
departments on campus? How much do you think it would cost to fund such
a service?
> I'm not in a position to estimate labor costs for the DC, but there
shouldn't be any material costs involved. The investment would be in
time for someone at the datacenter to get trained on cPanel system
management, then to experiment with and establish a cPanel/WHM VM
template. Some support staff at the datacenter would also need
> training or expertise. There are tons of resources out there, and a
thriving community of administrators to lean on, in addition to very
good documentation. There should not be any licensing fees. It would be
up to the data center to estimate costs based on labor needs.
>  From the university-level view, that expense should be weighed
> against time and labor savings for all the campus departments with
hosting needs but limited support personnel.  Every hour spent
> manually wrestling with Apache, setting up database servers (or paying
separately for database hosting from the database group), creating
mailing list systems, establishing disk or bandwidth quotas,
> installing SSL certificates, creating firewall systems that auto- detect
and block bad behavior across all web forms and URLs, ssh/sftp attempts,
brute force attempts, and mail systems, configuring,
> customizing and training spamassassin,  tools to provide one-click setup
for blogs and wikis and bulletin boards and learning management systems
and photo galleries, recompiling apache/php when the need arises,
installing and configuring monitoring systems, and so on and so on...
these are all things that are basically taken care of with a modern web
hosting control panel. That wheel has been invented
> already, and has matured for a decade.  Even if a server is only hosting
a single domain, I won't do it without cPanel - it saves me so much time
in the long run that it's worth the small additional effort up front.
> In the commercial web hosting world, you have to  try really hard to
find a company that will sell you hosting *without* a control panel.
It's the inverse situation here. Doesn't need to be.
> If anyone would like a tour of our WHM/cPanel system, I'd be happy to
sit down for a walk-through.
> Scot
> --
> Scot Hacker, Webmaster
> Knight Digital Media Center
> UC Berkeley Graduate School of Journalism
> http://kdmc.berkeley.edu
> http://twitter.com/kdmcinfo
> http://journalism.berkeley.edu
> -------------------------------------------------------------------------
The following was automatically added to this message by the list
server:
> To learn more about Micronet, including how to subscribe to or
unsubscribe
> from its mailing list and how to find out about upcoming meetings,
please
> visit the Micronet Web site:
> http://micronet.berkeley.edu
> Messages you send to this mailing list are public and world-viewable,
and
> the list's archives can be browsed and searched on the Internet.  This
means these messages can be viewed by (among others) your bosses,
prospective employers, and people who have known you in the past.





 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Scot Hacker

On Aug 26, 2010, at 11:27 AM, Bill Clark wrote:

> I have always been hesitant to grant administrative control through  
> a web
> interface, on any of the systems I've managed.  Granted a lot of these
> results are outdated, but a quick Google search for "cpanel security
> holes" will give one pause:
>
> http://www.google.com/search?aq=2&oq=cpanel+security&sourceid=chrome&ie=UTF-8&q=cpanel+security+holes
>

As you note, there are no stories after 2006 in those search results.  
Not saying cPanel is perfect security-wise -- what system is? But as  
the most popular web hosting system in the world, they've had a hell  
of a lot of real-world experience dealing with every attack vector  
imaginable, on some of the largest web hosting providers out there.  
And cPanel systems update themselves nightly (the admin  can choose to  
auto-upate with edge, trunk or stable updates).

If you consider how much work it would take to build a raft of  
security tools into a vanilla system on your own, compared to having a  
ton of security tools all packaged up and working out of the box, the  
choice (to me) is clear.

> The security risks can be somewhat mitigated through methods like  
> "jailed"
> environments and other tricks employed by commodity hosting  
> services, but
> those also add to the administrative cost.

By default, cPanel users do not get shell access. The admin can enable  
either jailed or unjailed  shells for individual accounts. No real  
admin overhead there.

>  The security implications for
> a campus-wide shared environment are also very different than for what
> might be appropriate at a departmental level.

I can imagine two possible scenarios:

1) Campus provides general/shared WHM boxes and doles out cPanel  
accounts to departments
and/or
2) A department leases a WHM VM and doles out cPanel accounts to its  
sub-groups

> All that said, I'm by no means an expert on shared web hosting
> environments or their associated administrative toolkits (or on  
> cpanel in
> particular) so I guess my only realy point is that there might be a  
> lot
> more considerations to factor in than just the cost of setting up  
> cpanel
> and providing training.
>

Absolutely - the devil's in the details of any project.

Apologies for hijacking this thread - that wasn't my intention.

./s

>

--
Scot Hacker, Webmaster
Knight Digital Media Center
UC Berkeley Graduate School of Journalism
http://kdmc.berkeley.edu
http://twitter.com/kdmcinfo
http://journalism.berkeley.edu









 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Bill Clark
Scot wrote:
> By default, cPanel users do not get shell access.
> The admin can enable either jailed or unjailed
> shells for individual accounts. No real admin
> overhead there.

I meant that if cPanel is compromised, it potentially exposes the entire
system to risk.  My understanding is that commodity hosting services
minimize this risk by running each customer instance in its own jail (or
outright VM in some cases) effectively isolating it from other customers.
The admin overhead is in setting up the server to work that way, not
anything having to do with cPanel itself.  Some IS&T systems are walled
off from each other in this way (the VM systems, for example) but others
are just associated with regular user accounts all on the same system, so
anything that compromised one account could expose all the others to risk.

Taking CalWeb Pro as an example, each Apache instance (other than the
shared reverse proxy) runs under a specific user account -- so everything
already is isolated down to the level of individual user permissions.  But
if any one of those user accounts is compromised, that can still grant an
intruder account access to a shared multi-user system.  Anyone else on the
same server who didn't have sufficiently restrictive file permissions
could be exposing data and/or code to exploit.  To really make the system
secure enough to allow a (relatively -- compared to ssh) insecure
application like cPanel, it would have to be reconfigured so that each
Apache instance ran not only under a specific user account but also within
an entirely jailed environment, isolating it from all other accounts.
That increases the setup cost and maintenance of a system like CalWeb Pro.

I believe (and maybe I'm mistaken here) that the large commodity hosting
services do set up individual jails for their customers precisely for this
reason, but that they also take advantage of economies of scale and a more
standardized environment to make it cost-effective.

I'm not saying IS&T shouldn't provide a service like this -- I tend to
think the benefits probably do outweigh the extra costs, since it's
probably even less coss-effective to have departmental IT staff running
and administering individual websites and databases -- I'm just pointing
out that there are additional infrastructure-related expenses to
supporting a tool like cPanel that need to be taken into account when
estimating the full cost.

-Bill Clark
Systems Unit
Graduate Division


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

Tom Holub
In reply to this post by Scot Hacker
On 8/25/10 4:14 PM, Scot Hacker wrote:

> On Aug 25, 2010, at 2:44 PM, Tom Holub wrote:
>
>> run the database server on the same host?  But that's the wrong
>> question
>> to be asking--the question is, if your need is for commodity hosting,
>> why run the server in the first place when there is so much cheap
>> commodity hosting available?
>
> To answer this part of Tom's question, the two main obstacles to using
> outside vendors for "commodity" hosting are:
>
> 1) Restricted data requirements - if any server contains data that
> falls under this umbrella, the server must reside on campus.

We outsource the storage and processing of credit card data to
CyberSource, and we also outscore payroll to UCOP.  There's little
inherent security in storing data on campus; the main issues around
storing data outside of the campus are contractual.  You have to make
sure your partner is contractually obligated to meet your security
requirements.

Although frankly, many of our own systems fail to meet our own security
requirements.

--
Tom Holub ([hidden email], 510-642-9069)
Director of Computing, College of Letters & Science
101.D Durant Hall
<http://LS.berkeley.edu/lscr/>

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] database support

tedcrum
At 02:58 PM 8/26/2010, you wrote:

>On 8/25/10 4:14 PM, Scot Hacker wrote:
> > On Aug 25, 2010, at 2:44 PM, Tom Holub wrote:
> >
> >> run the database server on the same host?  But that's the wrong
> >> question
> >> to be asking--the question is, if your need is for commodity hosting,
> >> why run the server in the first place when there is so much cheap
> >> commodity hosting available?
> >
> > To answer this part of Tom's question, the two main obstacles to using
> > outside vendors for "commodity" hosting are:
> >
> > 1) Restricted data requirements - if any server contains data that
> > falls under this umbrella, the server must reside on campus.
>
>We outsource the storage and processing of credit card data to
>CyberSource, and we also outscore payroll to UCOP.  There's little
>inherent security in storing data on campus; the main issues around
>storing data outside of the campus are contractual.  You have to make
>sure your partner is contractually obligated to meet your security
>requirements.
>
>Although frankly, many of our own systems fail to meet our own security
>requirements.
>
>--
>Tom Holub ([hidden email], 510-642-9069)
>Director of Computing, College of Letters & Science
>101.D Durant Hall
><http://LS.berkeley.edu/lscr/>
>
>

Another current example of captive outsourcing at UC is the new
system-wide Facilities Link data warehouse that is run, off campus,
by Digicality. That company is apparently a spin-off of UC in which
UC retains some IP ownership and has an equity. Trust and contract
issues are a lot easier when you have a seat in the boardroom. This
would be a great model for applications like Our Unit.

-Ted Crum
  Psychology


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
12