Hosting Clockwork Web Framework With Amazon

I’ve blogged a lot about my admiration for Amazon’s web services stack. I think they understand the web as well as any company in the world. It’s always been my intention to investigate Amazon’s Electronic Compute Cloud (EC2) and since I needed hosting for my new Clockwork Web Framework, I decided to give it a try.

The reason I went with Amazon rather than a traditional hoster is that I have no idea what kind of interest there will be in the framework, and therefore cannot predict what the load on a web server will be. Amazon EC2 is designed for this kind of flexibility, and you pay per hour.

The Platform

I am running a small Windows Server 2003 32x server instance to begin with. It only has 1.7 gb of RAM. I can scale this up if I need to, or more likely I will run up another small instance and load balancing the two using Amazon’s Elastic Load Balancer technology.

On this, I am using IIS 6, .NET 3.5, SQL Server 2005 Express, and Powershell. Most of my files are kept on a permanent storage drive (more on this below) and served by IIS. In order to maximize the speed and lower the CPU burden on the server, I have decided to use another Amazon technology, CloudFront.

CloudFront Content Delivery Network

CloudFront is a Content Delivery Network (CDN), like Akamai or Limelight. I use it to serve my images and resource files. Basically Amazon has edge servers all over the world with a copy of my images and resource files, and when users request them from my website, CloudFront automatically sends them a copy from the nearest location to them, making for some very fast download times.

To make this work, you have to use Amazon Simple Storage System, or S3. This is a virtual file system. Basically you have “buckets” of files that are served up when requests come in from the CloudFront “distributions”.

I’ve optimized it a bit by having two distributions; one for images and one for resources. This means that a page which requires both things will load even faster since two parallel CDN distributions are processing the files at the same time.

You can create CloudFront distributions through code, or through Amazon’s web management portal.

  Since you can control the public URL of the distributions, you will notice if you view the properties of my website that my images are handled by the path “http://images.clockworkwf.com” and my resource files are handled by the path “http://resources.clockworkwf.com” . In other words, I have full control over what path I give them. Most people will never know these picture are being served from Amazon.

I notice the website loads really quickly, so the CloudFront makes a big difference.

EC2 Hosting Challenges

So that’s the high level architecture. There are a number of impacts when using Amazon as a hoster I’d like to talk about.

Server Goes Up, Server Goes Down

To begin with, you have to assume that at any moment your server will go down. If your server dies, it vanishes, and you have to “spin up” another one, using the web interface or code. It’s very easy to do from the web console, just click “Launch Instance” and you can pick any server ranging from Ubuntu Linux to Windows 2003 Server 64x Enterprise R2.

Although the server instances you can use have their own hard drive space on C: and D: drives, you have to treat that as transitory storage.

I’ve setup my system in such a way that I can use an Elastic Block Storage (EBS) hard drive volume, provided by Amazon.This is a more permanent drive space that you pay for, but can be attached to any server instance. Think of it as a SAN (that’s probably what it is).

So I’ve got my database and web files on this EBS block, which I then mount to any server instance I’m currently running.

On the server instance, I simply point IIS web server to the EBS block files, and away we go.

The EBS can be any size you like, and you pay per GB per month. Right now I’m using 10GB since my log files and database don’t take up much room. I can add more space later if I need to.

Here’s a screenshot of that EBS volume, in the Amazon web console.

Dynamic DNS Entries

Next problem: Since the server can go down at any moment, DNS is a problem. If my server dies and I spin another one up, it will be given its own IP address, which my DNS entry for www.clockworkwf.com wouldn’t know about. So there might be a long delay while DNS changes to the new IP address.

So, I’m using a Dynamic DNS service called Nettica. They have a management console where I can enter my various domain records and assign a short Time To Live (TTL), which means the DNS entries update frequently. So if my server dies, I can change the entry in Nettica to point to the new server’s IP address, and within a few seconds requests are going back to the right place.

Nettica even allows me to control all of this through C# code. Going forward I plan to write powershell server management scripts that can automatically spin up a new server on Amazon, determine the IP, and register that with Nettica.

Incidentally, Amazon EC2 allows you to buy what are called “Static IP Addresses”. Essentially you can “rent” a fixed IP address which can by dynamically allocated to a server instance. So, in the short run this makes life easier for me as I have rented one, used that for my Nettica domain name record, and can assign this fixed IP to any new server instance.

Next problem: Disaster Recovery.

Disaster Recovery is even more important in Amazon EC2 world than elsewhere, since again your instances could die at any moment….Not that they will, but the point is, they are “virtual” and Amazon isn’t making any promises (unless you buy a Service Level Agreement from them).

However, Amazon’s EC2 provides a level of DR by its very nature – you can spin up another machine in a small amount of time. Estimates for new Windows instances are about 20 minutes.

There’s also something called an Availability Zone. Essentially it means “Data Centre” – Amazon has several of these and so you can spread your servers around between US – East, US-West, Europe, and so on. So when that Dinosaur-killing comet hits North America, the Europe Availability Zone keeps chugging.

Right now I’m not really doing much with my database, so DR isn’t such an issue. I have some security since my files are on an EBS block. However, eventually I’ll setup a second server in another availability zone and load balance the two.

Another Challenge: Price

Amazon Web Services are flexible, and you are charged per hour, for only what you use. This is an amazing model but it doesn’t work so well for website hosting, because of course your servers are supposed to be online 24/7, 365 days a year.

It’s hard to tell for sure what the annual bill will be, but for my small server instance (remember, only 1.7 Gb of RAM) it will cost well over $1,000. That’s a lot more than shared space on a regular hosting provider. However I’m willing to pay this, for the flexibility I get, and also because I think Amazon web services are a strategic advantage and so the earlier I learn about them, the more business opportunities I might unlock.

One good thing is that Amazon has been aggressively dropping its prices as it improves its services. Additionally, they have started offering “Registered Servers” – basically a pre-pay option for 1-year, 2-year, and 3-year terms. Unfortunately these are only for Linux servers at the moment but hopefully they will add them for Windows and then I can save money year on year.

CloudHost Monitoring

Amazon offers a web-based monitoring option for its server instances. I’ve started using it (for an additional fee) but I’m not sold on its utility yet. I don’t think I’m using it to its full potential yet – it is supposed to help you manage server issues by monitoring thresholds.

Managing S3 Files Using Cloudberry Explorer

I needed an easy way to create and manage my buckets, CloudFront distributions, and S3 files. I found Cloudberry Explorer, and downloaded the free version of it. I was able to drag and drop 1600 files from my Software Development Kit to the S3 bucket where I’m serving the resources. Super!

There’s a pro version I might purchase which would allow me to set the gzip encryption and other properties on the files. This would help lower my bandwidth costs and speed up the transfer a bit.

Here’s a screenshot of Cloudberry in action:

I love how easy it is to setup and use Amazon’s web services stack. I think they have a great business model for the Cloud, and they’re the company to beat. I’m willing to rely on them for the launch of Clockwork Web framework and so far I haven’t been disappointed.

Introducing Clockwork Web Framework for .NET

In 2003, I read a book, “Making Space Happen”, by Paula Berinstein. It’s about the efforts of entrepreneurs to open up space to the public. It’s the kind of thing that gets my propeller-head spinning, and after reading it I resolved to create the best website on space travel on the internet.

So, I sat down in a park and within two hours I had covered several sheets of paper with scribbles and scrawls of what my website needed. I had notes on authentication, web components, search boxes, themes, dynamic images, language toggles, and all kinds of stuff.

Being a good little programmer, the more I designed, the more intricate the design became, and pretty soon I was knee-deep in code. Flash forward six years later, and I have yet to write a single page of that space website!

But I do have a web framework :)

What It Is

Clockwork makes it easy to build powerful .NET web sites. It’s completely free, open source (under the Apache 2 license) and you can use it in proprietary or open source projects, as you like.

Some of the ways it makes web development easy:

• Database-agnostic data access
• Dynamically displays content in different languages
• Leverages the .NET 3.5 framework, including the Provider Model, generics, LINQ, automatic properties, and more
• Integrates with popular web services such as those provided by UserVoice, LinkedIn, Google and Yahoo!
• Makes it really easy to use object-oriented programming standards like Dependency Injection / Inversion of Control, Repositories, and Specifications

Under the hood I use many popular components, including NHibernate for database access, Castle Windsor for Dependency Injection, and log4Net for logging.

Although today marks the official public release, the framework is currently at version 3.x because I’ve been using earlier versions of it in production websites since 2004.

I’ve built Clockwork using as many web standards as I can find, as many of the latest .NET elements as possible, software best practices, and a lot of love and stubbornness.

What It Will Become

Well, it’s obviously too early to say. But I am committed to continuing to develop it, I have a long list of things I plan to add, and I’m hopeful a community of .NET developers will adopt it and push it into areas I can’t even imagine today.

Please take a minute to visit the website and learn more about it. I hope you find it helpful.

Many thanks,

Nick

Data Splunking

I’ve had my head down for the last couple of months, churning out code for that elusive framework I keep hinting at :) Right now I’m staying in a trailer with no tv, internet, or cell phone coverage and I’ve never been more productive (says I).

Still, I thought I would pop up briefly to mention a cool IT tool that can provide you with a centralized, browser-based repository to search on all the millions of log files, event viewers, and databases that are inevitably scattered around any company’s data centres.

It’s called splunk. Its name is clever – users get to spelunk into their data silos and see what’s there. It’s a simple, single package install that runs on most desktop machines and servers. There’s a free version if you use less than 500 megs of indexed data, and enterprises can pay to index larger corpuses. I’m running that on my Vista 64 bit box and it indexes and searches like a little champ.

In my case I’ve been using it on my framework log files to help analyze bugs and performance bottlenecks. Here’s a screenshot of a search on the keyword “nhibernate” (NHibernate is an Object Relational Mapping software):

As you can see, it quickly pops up all the logged events where NHibernate was called from my classes.

To get this to work, all I had to do was add an “Input” for splunk to index – in this case the full path to my log file folder.

As you would expect, it does lots of reporting. It has broken down my log files into various columns. Examples of these columns are: custom C# properties I search on; the standard log file “stuff” such as the source name, date created, file size; even the sql commands that NHibernate generates for me. I can filter these columns for even more detailed breakdowns. In the next screenshot I am reporting on Entity ID values I use to track my framework objects.

I like splunk because it’s a one-stop shop for me to analyze all my various bits of IT Operations information. There’s a slick AJAX web user interface, and so far performance seems fine for me on my little dev laptop. I find it solid, intuitive, and I don’t have to expend much effort to install, manage, or learn it.

There’s also a way to extend splunk using its custom Application Programming Interface. I plan to investigate that when I have some free time but have not had a look yet.

I think any IT company should give splunk a test run.

Sharing Knowledge With Creative Commons

Over time I’ve written lots of user guides, installation documents, governance papers, roadmaps for various companies…and I can’t use any of them ever again.

This is because the standard consulting or employment contract contains lots of legal text stating that the employer owns all the copyright to the employee’s work. This naturally includes software documentation. This seems like a good idea on the surface – the company pays for the time I take to write the document, so it’s their property.

However, there are hidden downsides.

To begin with, software project requirements tend to be fairly standard. Most projects require a project plan, a specification document of some kind, server topology diagrams, installation scripts, standards and best practices recommendations, help and support docs.

The details of these may vary a bit, but the definitions, explanations, and recommendations usually won’t. Even the details may be similar – one 3-server SharePoint farm will have to address the same issues any other 3-server farm will. This could be boilerplate text.

Reinventing the Wheel

If companies claim ownership of all software documentation IP – which is their default stance - they may not realize that they are paying their employees or consultants to reinvent the wheel. If they claim ownership of everything they generate, no one else can benefit. Conversely, no-one has an incentive to share.

It might be better for a company to leverage documentation created somewhere else, and modify it to suit their own needs – then they are saving time and money.

As a consultant, it’s been suggested to me that if I bill by the hour I shouldn’t mind writing the same stuff over again. But I find that boring – having figured out a way to describe something once, why would I want to come up with new words to say the same thing again and again?

Also – I would rather spend my budgeted documentation time improving existing content. If I’m spending my allotted time rewriting from scratch, that won’t happen.

Finally, we programmers are lazy - in a good way! We’d rather move on to new,  interesting problems than rehash the old ones again and again. So, proprietary IP ownership goes against most programmers’ core mindset.

I’m not saying a company should never claim software documentation IP – there can be valid business reasons for this.

If the company wants to own the IP because it is a business differentiator, and they will maintain and improve the documentation, that is a compelling reason for them to want to own, and not share, their IP.

Also, if the documentation contains lots of very sensitive information, or is very unique, that could be another good reason to hold on to the IP tightly.

I just think they should examine the alternatives first.

Why Bother Picking a Sharing License?

Why bother picking a license in the first place – why not just post the information somewhere and not worry about  it?

Often information shows up on people’s blogs, in user groups, or in online tutorials. In most cases the authors want people to be able to use the information, but they don’t explicitly specify a license. They probably assume that other people can take the code or text and use it as they like.

However, most organizations are (rightly) nervous about copyright issues. If they can’t tell what license the information is released under, then rather than spend time requesting the rights to the content, and tracking the request, they may avoid using it at all. So, specifying the license makes the information easy to adopt, and provides legal protection for companies using it.

A Business Case for Creative Commons

Wikipedia is probably the best example of the power of sharing information on the web. It currently uses the GNU Free Documentation License, but will use Creative Commons Attribution-ShareAlike in the near future. Jimmy Wales, Wikipedia’s creator, says he would have used Creative Commons if it had existed at the time he founded Wikipedia.

There are other license types that allow sharing. Public Domain seems to allow freedom to do anything you like, but my understanding is the concept of Public Domain doesn’t exist in all countries, so it may be a legal impediment for companies wanting to share work. Creative Commons makes an effort to “port” the license terms to different jurisdictions so it is more likely to be valid elsewhere.

I’m primarily using Creative Commons Attribution-ShareAlike licensing because it fits my business model:

1) It’s transparent. People can easily understand what it means, because it’s in plain English and also in Legalese. Even the name is self-explanatory: “Share Alike” and “Attribution” makes it clear what somebody using it can do, and how. Having spent the last three months examining various software and documentation licenses, I’ve come to the conclusion that clarity is one of the most important qualities of a license. Also, I want my three months back!

2) It encourages sharing, even for commercial use. Information Technology is so complicated because we combine many different systems and technologies together and expect them all to work. No wonder software breaks all the time. If we don’t share, there are a lot of things we’ll never figure out on our own. Any licensing that encourages the spread of knowledge is a net gain for everyone.

3) It requires attribution. Attribution is a tiny barrier to adoption, because people are used to adding copyright notices to text they reference. I like the idea that if I do good work, people will find out about it. I consider it viral advertising.

4) It’s low maintenance. I don’t have to get a law degree to figure out the licensing. I would rather copyright law stayed the heck out of my way while I focused on my work. CC-SA allows that.

5) Sharing is good karma :)

Free Online Content on our Extranet

So, is 100% of my content shared under this license? No, and it never will be, because licensing is a business decision that always depends on the specific context. However, my default stance is to share what I write.

The content on this blog is now licensed under CC-SA.

As part of my contracts now I usually negotiate to own the IP I generate, with the promise of licensing it under CC-SA so everybody can benefit. This is working well so far.

To put my money where my mouth is, I’ve started to publish some content on our extranet at https://extranet.griffonsolutions.com/clients/allclients. You can log in with the username “guestuser” and the password “guestus3r”. There is a shared document library with the documents grouped by license type.

I welcome feedback on the documents – what works or doesn’t work, what can be improved and how. I’ll keep the docs up-to-date. Please email feedback to me at nick@griffonsolutions.com.

Feel free to browse, mix, and share!

Griffon Solutions - Startup Diary

About four years ago my partner Marie-Claude and I started developing some custom ASP.NET websites for small businesses.

The company name - Griffon Solutions - comes from a lovely little village in the Gaspesie region of Eastern Quebec called l'Anse-au-Griffon.

What began as a part-time effort on evenings and weekends slowly started to get a little more organized over time. Two years ago, before we moved to Australia, we registered the company in Quebec.

Our reason for coming back from the Lucky Country last year was to focus more on this company, with the eventual goal of having a fun and challenging full-time web solutions business (software and consulting services) that we could run from anywhere.

We'd love to have an "open source business" - not just by writing Open Source software but by transparently sharing what we're up to, and how we're going about it, and learning as much as possible from the web community as we go.

Website Redesign

We’ve just launched a redesign of our website, www.griffonsolutions.com. We had a couple of pages online before, but the site was put together very very quickly as a placeholder, and needed a lot more love. In fact I’ve always been reluctant to publicize it :) As the old saying goes, “the cobbler’s children run barefoot”, and we never made the time to fix up the site, until now.

As a result of this SharePoint blog, I was contacted by Mario Hernandez, at Designs Drive. Mario has been looking into SharePoint and wanted to know a bit more about the LDAP integration I’ve written about. After a few email conversations he was kind enough to volunteer some of his time to help us redesign our website.

Marie-Claude and I picked a graphic design template we were happy with, and then Mario worked hard to make sure it was transformed into valid Xhtml and CSS. We all felt it was important to adhere to web standards and avoid table layouts if at all possible. We’re very happy with the end result.

Thanks so much, Mario, for contributing your time and your knowledge to us!

I think this is an interesting trend, especially in tough economic times…Here we have a couple of guys working in Los Angeles and Quebec who have never met, trading their IT skills and time to each other online. I know we’re not the first ever to do this, but it shows how small the world is, and how many opportunities there are for people to collaborate and work together.

The Framework

Incidentally, our new website is built on a custom .NET web application framework I’ve been working on constantly for the last 5 years.

The framework has been very much a labour of love. Sometimes it has been very frustrating and dispiriting, while at (most) other times the work has been fascinating, challenging, and deeply educational.

I’m finishing up the architecture on it and aiming to release it this Autumn as supported Open Source (probably Apache 2). This means that other people can use it (even in proprietary software).

In plain English, the platform has two goals:

1. Provide a foundation of Enterprise-level capabilities to any .NET application.
2. Integrate with popular software, databases, and web services in a simple, stable, secure, and flexible way 

It is standards-based and fully multilingual right out of the box. It uses NHibernate so it can support most databases without any modification.

From a technical perspective I’m still nailing down the shipping features, but currently it includes all of the following:

• C# 3.0 / .NET 3.5 Framework
• Generic business Entities to model common web software concepts such as users, websites, documents, and web pages. These are implemented via interfaces so you should be able to integrate them with your existing code without much modification
• Common metadata and provider information for all Entities, such as Creator, Date Last Modified, and Data Source
• Basic LINQ querying for all Entities
• Entities can be exposed via a variety of formats including JSON and XML, or through web services (such as REST and SOAP) or web feeds (RSS and Atom)
• Full multilingualism down to the level of an individual piece of data
• N-tier codebase, using object oriented best practices
• NHibernate database-agnostic data storage
• log4Net for robust logging
• Application Integration layer to make it easier to consume and provide information from a wide variety of services, software, and other sources (such as RSS and Atom feeds)
• OAuth authentication for authenticating to web services such as YouTube or Google
• Some strongly typed web service managers and web controls to make it easy to use popular services like LinkedIn, Yahoo FireEagle, and Google
• Strongly-typed, standardized file access to a variety of file storage sources including Amazon S3, Http web servers, FTP servers, and Windows file systems
• Uses the .NET Provider Model (especially for Roles and Membership)
• Presentation layer with prebuilt base controls, pages, and master pages, as well as some server controls
• Includes basic website project with Robots.txt, Master Pages, sitemap, XRDS file, and Admin area to make it easy to start up and manage a new website

I’ve been using various versions of this framework in production since 2003 / 2004 so it is tested and stable (my current internal release number is 2.7), but it’s nowhere near where I eventually hope it can be, which is why I’m hoping to build a thriving community around it.

Right now I’m in talks with a group that wants to evaluate using it to integrate their software with a popular web messenging service. If you too would like to evaluate the framework around the Q3/ Q4 period, drop me an email (address below) and we can have a chat.

I’ll provide more updates on this framework during the summer, as it nears RTM.

The Future

Obviously there’s a lot going on. In the future, this blog will speak not just about SharePoint and related technologies, but about business and technology issues in general. I hope to learn as much as I share, and I hope above all that the blog remains interesting and that you enjoy reading it :)

Cheers,

Nick

P.S. You can always email me at nick@griffonsolutions.com.