On Sat, Mar 26, 2011 at 1:32 PM, Michael Snoyman
<michael@snoyman.com> wrote:
Hi all,
JP Moresmau recently sent me an email asking for recommendations on
hosting a Yesod app. I think a number of you have heard me mention the
idea of setting up a WAI web hosting system (code named Lambda
Engine). I think it's time to start hitting this idea hard, and I'd
like community involvement as much as possible.
I think this is an interesting idea but hosting Haskell apps is basically just providing an OS with open ports on which they can run their http or fcgi servers.
...
At the other extreme, we could simply provide a set of shell scripts
for setting up a vanilla Ubuntu (or Debian, or Cent, or FreeBSD...)
install to support compiling a WAI application, provide an nginx
setup, etc. The user would be responsible- and have the freedom to-
set up his/her own server however he/she wants.
This seems like a better idea. IMO, it doesn't matter where we host, the OS images are what matter.
I'm a security guy by trade, so my app servers will never have any type of compiler on them when I host in production, and I would prefer all of my apps to be statically linked.
The thing that people new to web hosting suffer from is that there are approximately 1 billion ways to configure and host. Some ways are better than others, so I think we could provide:
* A hardened OS image that understands our required configuration and provides no other services. My recommendation would be Turn Key Linux [3] [4]
* A deployment script (private key auth based) which would push out new binaries, swap and bounce them.
* A set of *-server.hs that understand our set of server configurations**
If someone had these items, they could take their game to any hosting company in town that supported VMs on custom ISOs. We could probably even come up with a Ubuntu or RedHat hardening script for those that don't want to use VMs/ISOs.
There are lots of in-between points on that spectrum. For example, I
was thinking of perhaps providing a central compilation server that
everyone could use. In my experience, Haskell applications take very
few resources to run, but actually building the things take a while.
Compiling on a local system and then uploading is painful because (1)
you have to deal with architecture issues and (2) you might have a
slow upload speed.
I see no reason why a person couldn't build on their own machine, but if they don't have the resources, we could certainly set up a micro share on EC2 for that purpose. Making a secure build environment where they send over the code and it gets turned into a binary could be done.. but there is a *huge* amount of mutual trust going on. I wouldn't want to be involved at either end.
...
Anyway, I'm very interested to hear what other people think about all
this. I'll enumerate a bunch of random thoughts on this topic:
* Should this be a for-profit venture, bankrolled by a few members, or
a community, non-profit approach? (I'm favoring the latter.)
Using my recommended approach, the cost would be nominal.
* If we decide to provide some serious hosting power, we might be able
to make a deal with a hosting provider, stating that we're
representing the "entire Haskell web community".
I'm sure some hosting providers would love to play ball if we could guarantee some
long term customers if they did.
* I don't really think this needs to be WAI specific: assuming we just
use reverse HTTP proxies, this will work for any app that uses
standalone hosting. We could also support FastCGI if we wanted.
Yep.
* Remember that Amazon is now providing a free tier, which provides a
micro EC2 instance (available as either 32 or 64 bit). I think the
micro instance should be sufficient for running a few web apps, nginx
and PostgreSQL.
This is a great idea, certainly a decent proving ground.
* Since starting up and shutting down instances is so easy with
Amazon, we could provide both a "web host" image and a "Haskell
compiler" image. The web host could automatically start up a compiler
instance as needed.
Yep.
* Are we going to provide email sending support, with all of the
complications of dealing with spam lists, or simply offload to
external services (like Amazon SES[2])?
Not gonna touch that one.
* Does anyone have a good recommendation on who to use as a host?
If we really want to go down this path, I have some contacts we could talk to, but don't want to bother them unless we have a solid plan.
** By server configurations, I mean a 1 tier approach, where the front-end http server, the applications, and the database are on on the same machine, through the 3 tier approach.