Forum OpenACS Q&A: Some aspects concerning using OpenACS in business

The following is an overview of the aspects that we (the timedesk team, from Holland- picture,it may be necessary to rotate your head) are facing when using OpenAcs to help people communicate...

We liked ACS from the beginning, but we think the cost of Oracle is a major obstacle (what's in a name?) to small companies. OpenAcs seems the natural next step. Furthermore, the real open-source spirit is here, with OpenAcs, and it seems like many ACS hackers have moved here! It is great to experience so much (and fast!) support. Naturally, we hope to be able to make our contribution in due time.

What we want is to use OpenAcs for business-purposes. We have a couple of orders from companies (and we are also involved in a government initiative) to set up a community system for them. One of the projects that are the most advanced is one where we have to construct an on-line directory for a mid-sized company.

At the moment, a community of secretaries and management assistants (mostly women) are our great test team. We are using OpenAcs 3.2.5, PG 7.1, AOLserver 3.4 on RH 7.1 on a test machine (see below).

Questions:

- Is it better to have a dedicated server for each project/company or can we use e.g. 1 server for 3 OpenAcs-instances? Bboard says this.

- Is the nsjava machine (nsjava.sourceforge.net) so far developed that it can be used without trouble? (For chat and webmail, both very interesting modules.)

Some aspects:

- Which OpenAcs version? Using OpenAcs 3.2.5. seems the best option at the moment, at least 4.x seems to be in development stage.

- Design, templating and functionality (for some of our clients we want special designs like frames, modeled like e.g. www.handicap.nl). Bboard says this. Templating should get easier with OpenACS 4.x.

- Server scaling

- Server security (ssh for remote control, internal safety etc... maybe setting up AOLserver in 'a chrooted environment'). bboard says this.

- SSL and AOLserver - this is the AOLserver document.

 

Maybe it is a bit ambitious to want to do all this, but we like a little challenge... Besides, your suppport makes us feel we can do it!

The next step now is to have a true development machine for the things above, besides the machine we are using for testing the functionality. Unfortunately, we cannot do much with the 'test machine' as it is already being used quite extensively. The 'webmaster' who used to be a language student but is now becoming a 'nerd' is already happy it is running anyway, even though many things are not working. Well, maybe he should start all over again to really get to know things...

What we have as a development machine is a P133, 64 MB. A bit underspecified perhaps. Both this and the test machine (1GHz Athlon, 384MB) are plugged in a 10 Mbit HUB connected to a cable modem (up 15kB/s (tough luck), down <450 kB/s). It is amazing how much you can do with modest means, but there are boundaries.

Well folks, thank you in advance for reactions!

Ben, Hans, Renny

Some more on your first two questions: Here Jerry Asher describes how to host multiple, separate sites from one server.

And here is the webmail install instructions from nsjava.sourceforge.net, in case you missed them. People do seem to have success getting it working, at least on RH 6.2.
- Is it better to have a dedicated server for each project/company or can we use e.g. 1 server for 3 OpenAcs-instances?
As with everything, you can safely say 'it depends on the project'. Depending on the horse-power you buy, you are probably better off buying one really fast machine (i.e. with lots of RAM and a good SCSI disks) and running all sites from that machine (and its backup). That way all sites benefit from the heavier machine. I'd venture to guess that any single site will not be maxing out the machine, so running the sites from one machine will give a much better peak performance - more bang for your guilder.

The 1Ghz Athlon you should be able to run at least 4 OpenACS instances without a running a sweat. I don't have exact figures for about loads, but I would not worry too much. If the load gets too high, just migrate one or more instances to another machine (which is simple).

- Which OpenAcs version?
3.2.5 if you want to go live now, 4.x if you can endure a bit of patience.

- Server security
Don't fret too much on it. Avoid things like BIND (8.x requires root priviliges use tinydns or something, better yet, don't run your DNS on your webserver), telnet (use ssh), rsh. Avoid sendmail, use qmail. My personal server runs rh6.2 as a basis, all public services are non standard (for RH), so none of the rh-script-kiddie exploits work (I see five of those 'attacks' every day). If you want to defend agains professionals, hire a full time security guy/monitoring.

- SSL and AOLserver
See my documents as well at http://pascal.scheffers.net/openacs/ it may help.

Give the P133 a bit more RAM and you will see it perform much, much better. My K6-400 has 256MB RAM and is very responsive with three OpenACS instances.