Cornell Stack
The new Cornell Stack
Webhost 3.0
Webhost 3.0 provides an updated platform that combines the hosting services onto a single VM.
The service is intended for customers that have technical skills/knowledge in installing/maintaining web software. Customers that have limited technical knowledge/skills may be more comfortable with some of the options listed at: http://www.it.cornell.edu/services/hosting/
Webhost 3.0 The Cornell Stack provides the following level of support: http://www.it.cornell.edu/services/hosting/support.cfm
Please review our Hosting Terms. http://www.it.cornell.edu/services/hosting/terms.cfm
PCI and Confidential data should not be stored on Cornell Stack VMs (or any Hosting Services VMs). If your application or website requires storage of confidential data or needs to process credit card transactions, please contact cit-hosting@cornell.edu to discuss options or next steps.
Customers that require a higher level of customization and/or have a deep technical background may be more comfortable with a "Managed Server" and installing the web application stack on their own: http://www.it.cornell.edu/services/managed_servers/
What's new
A summary of the updated features:
...
- Git Repository
- A git repository that can be used as an alternative to webdav for publishing code
- Mercurial Repository
- A mercurial repository that can be used as an alternative to webdav for publishing code
- nodejs
- possible to run under mod_passenger
- memcache
- distributed memory object caching system
- varnish
- web caching proxy server
Details
Software Versions
| Static | LAMP1 | CF9 | LAMP2 | Webhost3 |
|---|---|---|---|---|---|
Apache | 2.2 | 2.2 | 2.2 | 2.2 | 2.2 |
Coldfusion |
|
| 9.0.1 |
| 10 |
mod_php |
| 5.2 |
| 5.3 | 5.4 |
php-fpm |
|
|
|
| 5.4 |
Python |
|
|
| 2.7 | 2.7 |
Ruby |
|
|
| 1.8.7 | 1.9.3 |
Shared vs. Standalone Apache
In CF9/LAMP2 each "instance" represented a separate apache instance that could be started/stopped independently. This provides a high level of isolation, but can also consume more system resources and complicate server administration. The "shared" apache instance makes it possible to host a larger number of instances on a single apache instance while still providing isolation between the instances.
| Standalone | Shared |
|---|---|---|
Apache | 2.2 | 2.2 |
Start/Stop Apache | Yes | Yes* |
mod_cgi | Yes | No |
Custom virtualhost include | Yes | No |
mod_php | Yes | No |
PHP-FPM | Yes | Yes |
Start/Stop PHP-FPM | Yes | Yes |
Coldfusion | Yes | Yes |
Start/Stop Coldfusion | Yes | Yes |
Python | Yes | Yes* |
Ruby | Yes | Yes |
* Will start/stop ALL sites that are behind the shared Apache
** Use of Python w/out custom virtualhost include is somewhat limited
How many instances
Using a VM with 2 GB of memory the following are some guidelines on possible deployments. Individual applications may vary (i.e. it's possible to have a single PHP/Python/Ruby/Perl application that consumes 100% of the memory. Increasing the amount of memory may make it possible to run more instances, but it is not a recommended best practice.
Please note that each instance could host anywhere from 1 website to 100 websites depending on how the software is configured (i.e. a single multisite drupal instance serving 100 websites).
Coldfusion
- 2 instances shared or standalone
PHP
- 3 standalone
- 9 shared
Python
- 3 standalone
- 9 shared
Ruby
- 3 standalone
- 9 shared
Static
- 3 standalone
- 100 shared
The estimates below are based on the following observed utilization
| Memory (MB) |
|---|---|
Apache (mod_php) | 85 |
php-fpm | 35 |
coldfusion | 350 |
What's Changed
Apache Web Server (httpd)
- The Apache version is now 2.2.15, some features from LAMP2/CF9 may not be available (i.e. FallbackResource)
- The new Cornell Stack VM's are in private address space, so an Instance Splash page can only be accessed from on campus networks or the Cornell VPN.
- Many "default" configurations that existed in CF9 have been removed. Some examples:
- Default "allow from all" for the "scripts","images","styles","icons" sub-folders
- Default "allow from localhost" for the "tasks" sub-folder
- When using "PortalProxy" it may be necessary to update configurations
- Previous configurations that used "localhost" may no longer work and need to be updated
- It is no longer possible to have "legacy" CU WebAuth configurations
- This may require obtaining an SSL certificate and/or updates to ".htaccess" configuration files
- Change in ".htaccess" behavior (no longer inherit from "htdocs")
- Previously in LAMP2/CF9 ".htaccess" files would be inherited up to the "htdocs" level when multiple sub-sites existed under once instance
- This change can impact sites that make use of a large number of redirects/rewrite rules
Coldfusion 10
- Secure Profile enabled
- Table of these listings can be found at: http://help.adobe.com/en_US/ColdFusion/10.0/Admin/WSf23b27ebc7b554b629cab0421369741d5a7-7fff.html
- In a development setting you may want to remove the custom error templates to restore behavior similar to Coldfusion 9
- "Cornell" jar files for Fedora are no longer included
PHP-FPM 5.4
- When using PHP-FPM you will no longer be able to use a ".htaccess" file to manage PHP settings. Instead use a ".user.ini" file http://php.net/manual/en/configuration.file.per-user.php
- php_suhosin is no longer available
MySQL
- The mysql configuration has changed. Please use "localhost" instead of the previous hostname from LAMP2
File snapshots / restores
- You can no longer access file snapshots in the ".snapshot" directory. Instead you will need to use TSM to restore any files.
Let's get going!
Listed below is more information on several parts of the Cornell Stack.
...
| Page Tree | |
|---|---|
|
|
...