Everything on one (& small) server? Isn't the risk to high?

Hi guys,

i took some time to think yesterday and i am a bit worried now. I’d like to share some of my concerns or questions regarding the choice of our server.

First: Is it good, to have all our infrastructure on one server? If it is right, and i like that thought, that the future of the internet is more decentralized again, it would be smart to have different things on different servers. If one server crashes - like the forum - we would still have a website up and running and owncloud on another.

Especially i am not sure, if we move everything to one server that is run by one very very small company. What is when something happen to the guy, something bad like an accid… or also something like he converts to buddhism overnight and decides do move to a mountain to meditate on the top for 10 years, starting now! Kaboom! Everything is gone.

Or simply if there is a Denial of Service incident, to much traffic - imagine this happens during the days - “Fail Whale” all the time! Everything we worked on so hard in the last months, to create an interesting exchange, almost for nothing. We create this network and promise people something and therefore have a responsibility… their time, there effort, there work. Don’t know, if we should expose them to high risks here.

A bigger company with lots of infrastructure and servers will fail much slower, and more predictable. It has much more security mechanisms in place.

I don’t say, that we should not give small companies a chance and be a part of them growing. Give one thing to them, take the decentralized approach. But the whole infrastructure on one server…

It is a question of risk management. What could happen. And what are we doing then… Do we have a reliable plan B & C?

If not…
? I am a bit concerned now. Nope, not a bit. seriously.

I started a thread on Facebook (copying this post) to reach out to some more knowledgeable people about this. Replicating it here for others to have a look at it:

Timothée Gosselin
we can also directly ask indiehosters what they think. Pierre Ozoux?

Kasper Souren
Personally, I wish there were an open source tool that uses client-side encryption to store things in the corporate cloud (that just got even bigger with amazon announcing their unlimited cloud storage for only 60$/yr) - maybe this could even be implemented as an add-on to one of the free cloud tools. So you can use corpcloud as a very cheap secure backup.

James Lewis
Sam, This is a valid concern, but IMO the answer is not to try to deal with these questions directly, but to get a trusted tech partner who you are confident will take responsibility for these infrastructure issues and ask them to do their best to create and manage an infrastructure that meets your needs.

If you get involved in these issues you may invest a huge amount of time focussing on the things that are not your core skills and cause yourself a great amount of worry, and you will potentially over optimise your infrastructure for challenges you don’t even have yet.

Present your needs as you understand them, for example 1) Serve a website that will get 1 million uniques in a month and might have to deal with sudden peaks in traffic when we do publicitiy or major events. The dates when we have major events when you need to make sure our infrastructure is totally solid are A,B,C. 2) Run 3 websites for X,Y,Z purposes, 3) Run a forum for upto 1000 users and an ownCloud for 50 users where we need 10 Terabytes storage for our video.

Get this tech partner on your team that commits a bit of time to OSCED, that listens to those needs then asks you intelligent questions in English, then let them do their thing and they will make these infrastructure decisions for you. ** It is not at all clear without understanding much more detail of your situation that you should prepare for DDos, or make distributed infrastructure decisions at this stage and this might actually hamper your ability to move quickly and increase cost unnecessarily.**

I’d trust anyone you mentioned here to do that for you, and also Jon Richter.

Cass Obvious-Pseudonym
James has said everything that I was thinking here. Web hosting and resilience is by no means my specialty, but I would be happy to put some time into these questions if that was the best option for the group.

In short, these are questions that need specialist attention, and which should be addressed by an individual or a team, rather than a comittee.

Sam Muirhead
This is really helpful, thanks guys! I’ll talk with the others about it and get a solution organised.

Pierre Ozoux

About IndieHosters, and more precisely, my servers (As Michiel de Jong runs on a different architecture)
Many questions:

  • One server per service ‘vs’ one server for many services

currently, I run things on one “big” server and 2 smaller. I have a current uptime of 99.95% for the last 30days (I didn’t work much on the infra this month :P).
the goal: have many servers that would orchestrate services automatically depending on load, availability…

But, yes, servers goes down, shit happens, today, I wasn’t able to access GitHub nor Faccebook for several minutes…

So yes, it happens also to big actors!

I use different servers from different service providers, and encrypted backup to an other server. So if you ask me, I can put the different services on different servers.
But yes, in the future, I’d like to have a more reliable infra with the classic LB-2apps-2dbs for every services I offer.
I think most of the owncloud services you can find out there are running just one instance on one server. And you can have wordpress as a SaaS in a reliable infra, but it’s a bit more expensive :slight_smile:

Then it is always a matter of cost. If you pay me, I can set you up this dream infra :slight_smile:

But there are no big drama, as long as their is a good backup strategy.

  • One person

Yes, I’m alone, and that’s a concern for us also. That’s why Michiel is sending me a backup of his clients regularly, and I have to do the same in the near future.

  • DDoS

We are not that big yet to fear this. But if you are really afraid, I can setup cloudflare in front, and it should be fine.

Hope it answers your doubts!

The world is not perfect yet, but we are all working hard on that I think :slight_smile:

whoops, I somehow posted as Erica… sorry about that!

and I thought I’d forgotten about the whole conversation! :wink:

This post has been mentioned in http://meta.allmende.io/t/open-source-circular-economy-days/133/3.