Lost!

Recently, I talked to a friend about CMS engines and how he felt about them. He gave me some insight as to how he decides what to download, what to install and what to trash. It’s a little interesting to get into the mind of someone that knows just enough to be dangerous on the web side of things.

Typically, an IT professional will do a lot of research before installing anything. We like to know who’s going to be using the application, what the requirements for it will be, what the server requirements are, how it will affect our security, etc. We also take to heart the fact that our decisions could cost the company millions of dollars in extra costs.

My friend has a different way to do things. He likes to use the “I just install it and test for a a few days and see what happens” approach. While this works, it wastes a lot to time, energy and could compromise your web and DB servers very quickly. The other thing is, if you don’t do research, you may end up installing Mambo then later trying Joomla only to find out that they’re both roughly the same thing due to a fork awhile ago.

The “blindly install and test” mentality gets a lot of people in trouble, but oddly, it’s probably the most popular method with someone just getting started in the web world.

So, how does someone go about picking a CMS for them? Well, it matters really. You have to start asking yourself a lot of questions. This is one of those situations where “Patience is a virtue” kicks in…. So, some questions you should be asking yourself are:

• What type of web and database servers will this run on? Windows/Linux, MySQL/MSSQL
• What type of web language does your server support? Java, PHP, .NET (ASP) C# or VB, Ruby On Rails?
• Who will maintain the application? A team or an individual?
• How professional must it look? Is this situation for a family or for a professional organization?
• How many users are you supporting? 10 people or 1,000 people?
• Will the template of the application change often or once every few years?

Those are the primary questions you should be asking yourself before you even look at the available CMS solutions out there. With the answers to these questions already answered and thought out, you’ll have a much easier time digging through the masses - even if you already know what the answer to those questions are in your head.

After your choice
Evaluation of packages can last from seconds/minutes to months. Oddly, a lot of people I’ve met fall within the hours area of that mentality - if there are install problems, thats lasting seconds.

So, once you pick the software you want, how do you evaluate it? Well, first, more research actually…

• What version of whatever language does it require? If it uses PHP, does it require 4 or 5 - .Net 2 or 3.5? Does it require extra Server Side technology to be used?
• Are there known issues with the database version you plan on using? Do you need to use OLDPASSWORD in MySQL or is there a FullTextSearch requirement that your MSSQL 2005 server isn’t going to have? Do you need an ODBC connector?
• Is security on your web server going to cause problems due to the configuration? This is mainly language related, but those of us that must work in very secure environments know this can be an OS issue as well…
• Is the web address going to cause problems for you? Will Localhost suffice instead of a fully qualified domain name?
• What security problems are there with this package (there are always security issues)? Did you download a version that needs to be patched right away? Have you checked out what type of past vulnerabilities have existed for this software to get an idea of how well the software is coded?
• What are the known installation problems? Do you have to edit some obscure file deep inside the folder structure to avoid hours of toiling with the install because the devs haven’t released the patch just yet? Believe it or not this happens all the time.

But wait, there’s still more! Thats right folks, installation of a CMS package won’t get you from point A to B quickly (ok, some packages install almost seamlessly, but thats not my point).

Now that you have done your research, you’re itching to install your package… But, what do you do once its installed? If you’re installing something simple, things go easy and you can start working with it immediately. What happens when you install something that is really built as a full on Portal as well? A great example is PHPNuke vs Mambo. Installation and configuration of PHPNuke is pretty easy by today’s standards, but installing Mambo without really doing research - you’re going to have a world of confusion about you. Sure you’ll figure out some things immediately, but you’ll have a bad case of “learning while I’m doing”, which can cause a lot of problems later for you.

So, after you pick your package, what do you do? MORE RESEARCH… How does the configuration go, are there extra hoops to jump through, how much time will you need to devote to editing, updating and creating that content on your CMS?

Questions, questions, questions… I think you really get the point - there is a lot of research before you really pick a CMS Engine. So, in the end, by the time you actually pick a CMS and download it, you should know it’s the right one for you. Download and install 1, not 8…

Preview of the Next Blog Post: Just What The Heck Is A “Knowledge Worker” Anyway?:
I’ve been around CMS solutions for awhile now, I’ve even been around ECM solutions like Sharepoint for a bit as well. It seems, when ECM started getting popular, a term term sprouted out of the internet ectoplasm called “Knowledge Worker”. Honestly, I don’t see what all the hub-bub is and it actually annoys me to see the term used.

Now that I have a full blown server at home, I needed a way to use it for several purposes. There where two options:

Install Everything, including the kitchen sink, on one OS and deal.
Install a Virtual Machine Server to allow me to use multiple computers.

Between those two options, I’ve done the first, not fun. The second was the only way to go. The hard part about that option was, which software to install.

There has been 1 major vendor for the VM market for several years, but several have come out recently that are making headway - mainly, Microsoft’s Virtual Server. I chose to go with Virtual Server because I get the Enterprise Edition with my MSDN subscription and VMWare’s 64bit environment, from what I’ve read, is a software hack that happens to work right. VMWare can also cost a lot more than I was willing to spend for my little po-dunk test server.

Install
Installation of the software is so simple, your typical teenager could do it. The hard part is getting it to actually fire up. The reason I say that is because I installed it on Server 2008. If you’ve never messed with Server 2008, I strongly suggest you start learning ASAP, because things are much different. Server 2003 allowed you to select various components of IIS to install in Add/Remove Programs - 2008 takes it a step further by allowing all kinds of weird options inside of IIS to be added and removed individually. On top of that, IIS 7 threw me through a loop too.

Long story short, I installed the software, went to the configuration screen (which happens to be a web page) and nothing happened. All I got was a blank page. The standard “Welcome to IIS 7″ page wasn’t displaying either. To fix this, I had to do all of the following:

Activate CGI Access (IIS)
Activate .Net (IIS)
Activate Simple Auth (IIS)
Activate Static Content (IIS)
Add the localhost name to the trusted zone (IE)
Check “Always Prompt” for username/password (IE)

After that was all done, things worked and the fun got worse. I accidently downloaded and installed the 32 bit version - oops. I had to uninstall and reinstall the software, which went very quick and things where back to normal again.

VM Setup
I ran into more problems here, and those problems may turn people off from this software. I honestly got a little upset when I found out that, even if you are running a 64 bit OS, with a 64 bit install of MSFT-VMS, you can ony run 32 bit Virtual Machines. Aparently, the 64 bit VM capability will be added in the next major release, which is slated for…awhile. This problem caused me to re-download a lot of the OS’ and software that I needed as well as rethink my plans for later. This is also the reason that I was forced to install Exchange 2003 since 2008 is only 64bit. MSSQL 2005 was installed because 2008 wasn’t officially out of Beta at the time and I needed to brush up on it before moving to 2008. I’ll be installing Exchange and MSSQL 2008 when the VM software supports the 64 bit environment.

Other than that, setup went ok. There are some issues I have with the software, however.

• CPU Utilization is a little clunky. I can only evenly split up the CPU states. If I barely use Exchange, but would like to push more resources towards IIS, I have to assign a “Weight” to the process, making things a little odd to understand.
  
  

  CPU Utilization and Weighting

• When remoting in, you are given an itty-bitty 640×480 (approx) box to use via webpage. This is, unless you decide to use Remote Desktop to remote into each machine. I’ve turned this on, because things just don’t size well using the internal web (ActiveX) Viewer. And yes, there is an RDP client for the Mac… Click the picture below for a full size view of the internal Remote screen.
  
• Only 32bit OS’ are currently supported. This means a max of 4GB of memory per machine. If I wanted to allocate more memory to my MSSQL server and just shut off Exchange, I have wasted memory since I can’t force more than 4GB on it. This also starts to cause problems on what you can and cannot install - ie: Exchange 2003 vs 2008.
• For some reason, I don’t know if it’s caused by Windows or the VM Client, but when mounting ISO’s to the machine, the ISO is cached until you switch the ISO option to the physical disk then back to a new ISO file. This causes problems when you’re attempting to install something with multiple disks.
• I haven’t put much effort into it, but due to the way the VM Environment is setup, certain flavors of Linux have problems with it. It is not setup like VMWare that emulates full on hardware.

HyperV
Some of you slick people out there may be shaking their heads wondering why I’m running Server 2008 and Virtual Server instead of HyperV. Well, first, go and read this. It’s a copy of a Blog post by the original author (that post now 404’s on the authors website). Secondly, Microsoft’s own website lists an oddly worded explanation between the VM Server Product and HyperV:

Q. What are the differences between Hyper-V and Virtual Server?
A. Microsoft Virtual Server 2005 R2 is the current server virtualization solution from Microsoft and is based on a hosted virtualization platform. Hyper-V, a key feature of Windows Server 2008, is a hypervisor-based virtualization platform that will enable customers to not only consolidate a vast array of workloads but also enable moving toward a dynamic IT environment. Core feature set differences include support for 64 guest virtual machines, SMP support, performance improvements, and other key features in Hyper-V.

Well, there you have it - it has a few things that I want, but after reading that blog post, it needs to mature a little more than I care to even think about. At least right now, I can literally copy and paste a machine to a secondary dir and have a full-on backup. When I started this exercise, I built one machine up and copied it to other files, fired those machines up, renamed a few things and *poof*, things just worked.

In the end, I’m satisfied with the VM Product from Microsoft, but not wowed like I was when I first saw VMWare. I would love to get ahold of a 2008 copy at some point as well. Oddly, I have a feeling that MSFT will try to sway the market by changing 2008 to the point where people like myself are forced to use HyperV. Maybe one of these days, I’ll be brave enough to touch it.

Preview of the Next Blog Post: What’s Next For Alfresco?:
After a long hiatus from blogging, I’m starting to get back into the ECM scene and I’m trying by doing a blog post daily for this entire week… But, since I’ve been so down on Alfresco for so long, I figured I’d take an in-depth look at them. Again, I’m not anti-Alfresco. I truly and honestly would love to see Alfresco take a good sized chunk of the ECM market away from other companies - and remember, there isn’t just Sharepoint out there as a competitor…

Some people, like myself, test many CMS and ECM packages on a normal basis. There are, however, many people that may need to test these types of packages in a cheaper environment than on an enterprise class server that costs tens of thousands of dollars - whether they’re part of a small business, startup or even a large business with someone “testing” at home. On top of the CMS and ECM packages, I wanted something to help me test Enterprise class software (read: learn) for future use and I think I accomplished more than what I wanted.

Requirements
My requirements are completely over the top for someone testing an average CMS package like Drupal, Plone or even Joomla. My server is specifically setup for Enterprise class application testing.

I basically wanted something that would allow me to test SharePoint, Alfresco, and a whole host of other packages at once. I also wanted something to allow me to use Virtual Machines instead of just one OS. This allows me to physically turn machines on and off without even needing to be at the box. This will allows me to use products, side by side, in their own environments testing how memory and CPU resources effect the packages - I don’t need them trying to fight with each other on the same box.

My underlining OS is Windows 2008 Enterprise Server, 64bit. The reason I went with this instead of Linux and such, was because I needed to really need to sit down with 2008 and learn about how it works. I’ve also finally learned that businesses really prefer to pay for everything - especially on the government side of the line. (There was also an OS issue that I ultimately caused - it helped “guide” me to 2008 Server as well.)

Anyway - I am running another package that I’m learning about (running something you’re learning on is normally a very insecure thing - be careful during your planning) - Virtual Server 2005 R2 Enterprise. That will allow me to use 1 server for many. I decided on 3 base images of the OS I’m installing so I can power them up once a month, run updates and shut them down. If I need an image for something - cut’n'paste it and I’m pretty much fresh. (Note: There are some things that I’ve found that I don’t like about the MSFT VM Package - that story soon.) For machines, I decided on the following:

1. Windows 2003 R2 Enterprise Server: Not the “newest”, but the standard in most environments now. Right now, this is the only thing installed due to time constraints on my end.
2. Windows 2008 Server - Console Install: I was going to initially install this as the primary OS, but I didn’t want to pull my hair out trying to make everything work right while learning. For those that are unaware, MSFT has taken pointers from Linux on making servers headless for less overhead. Start this machine and all you get is a blinking curser, no GUI to log into.
3. Cent OS - This was planned as a Linux testbed for several applications, but there are weird issues that sprouted up. Ultimately, I have not had time to play with any Linux/Unix distros. This will happen soon though.

Now, that lists 3 servers - there are more. The extra servers are mirrors of their counterparts, just setup as separate Database Servers, Exchange Server or Images that are turned on once in awhile and updated. Right now, only the Windows side of things is setup. I’ve currently got IIS7, Exchange 2003 and MSSQL 2005 installed on 3 different machines. Yes, there is a reason for the older versions of Exchange and MSSQL… Thats for the VM Story later.

Now, the real question was - can I “cheaply” run all of those Virtual Machines on top of the physically installed OS? “Cheap” is a relative term. Over the course of the summer, “cheap” went from less than $1,000 to $2,500 to more than that. Now, this initial cost is just the hardware, it’s not counting the MSDN Premium package I purchased. In total, my budget was $5,000.

In terms of technical specifications, I required the following:

• Quad Core Server AMD or Intel - I didn’t care which. I’m not in the mood to compare Oranges and Tangerines.
• 4 2500GB+ Hard Drives in a RAID 10 array. Originally, I was going to use one 500GB drive for this exercise, but after thinking about it - it’s a Bad Idea©. The read/write on that one drive, with all machines turned on will be pretty bad, thus causing a higher likelihood of failure. RAID 10 was chosen over RAID 5 for performance reasons.
• 2 Onboard NICs. Mostly standard these days, but I needed to list it anyway.
• Memory - Ultimately, I got what I can afford. My requirements where a minimum of 8GB, but I wanted to see 16GB or more.
• Case, power, etc - Best option was a cheaper Barebones Upright case - I tore down my rack months ago.
• Graphics, for once, onboard VGA please.

Originally, I was going to put together this server for around $600, but have several physical machines. It can be done, if needed, but my requirements have changed and I actually got a job during researching the parts (which is why I don’t have time to write…) so things have changed. If you’re interested in this route, research Quad Core capable Shuttles. Low power, and small enough to get multiple machines in a tight area. Only downside - RAID will be hard to implement due to the space requirements.

The Server
My home server, otherwise known as the “TV” just wasn’t up to the task. While it has more Hard Drive space than any normal home computer should, it was designed specifically for what it does, a home PVR. There really isn’t a heck of a lot of processing power and memory to allow for more services, especially your average ECM package but when it comes to drive space, 2.5TB is overkill for a ECM test server as well. (TV for military in Europe is usually a season behind and a whole lot of re-runs, this’ll go to 5+ TB when we go back to the US.)

The first thing I did was hop onto eBay to check out the 1u and 2u servers offered. While there are thousands of servers out there, the “affordable” ones are either older or missing Memory and/or the CPU nearly all had no hard drives. In Enterprise class hardware, the drives (usually iSCSI) are really expensive, adding to the cost. On top of this, a lot of people flat out refuse to deal with APO based customers (Read: Military overseas) even though we have US based addresses - something that still really pisses me off. Anyway, after some soul searching, I ditched my hopes of finding a cheap, up-to-date, 1u Server. I decided to start searching for hardware built by smaller and larger shops - Dell, HP, IBM and even several shops listed in LinuxJournal - all too expensive. I couldn’t spend $5,000 on a test server that’s supposed to sit next to my desk, that was my full budget.

After some searching, I realized that no computer shop was going to be able to compete with a home-built server cost. While I won’t get support for broken parts, the warranty will cover that issue for the first few months - which is typically when things die. As for the hard drives, they die all the time. So, after thinking, I hopped back on NewEgg. Use what you will, but they’re the fasted and cheapest thing that I can get at my current location.

It turns out, NewEgg offers some very nice Asus servers. Here’s my hardware rundown:

• The Barebones Server: ASUS TS500-E4/PA4 Pedestal.
• Memory: 12GB FB-DIMM (6×2gb), brand doesn’t matter. Would have gone for 16+gb, but the cost($800) far outweighed the gains.
• Hard Drives: 2×80GB drives in RAID1 Array for main OS. 4×250GB drives in RAID10 Array (built in controller). All drives are standard SATA 3GB/s.

Drive trays: Since the main OS drives are in a RAID 1 array, I figured it would be best to have them cooled and removable. These ICY Dock trays show me the drive temps, have adjustable fan speeds, drive alarms and are decently cheap. Oddly, both docks had no problems compared to the reviews listed for it.

RAID 1 Array: This is the one thing I skimped on that I wish I wouldn’t have…that’s the reason for the “Almost” in the title. I’m running a Promise PCI RAID 1 card. The card runs perfectly fine, no problems. The problem comes from the fact that this is considered a Fake RAID card. It’s a hardware based, software RAID solution, very similar to what is on motherboards. If I had to do it all over, I would buy a full RAID1 card with battery backup, but it’s far too late for that unless this stinker comes crashing down.

Kicking The Tires
I must say, I’m very pleasantly surprised on how well this machine performs, even with the fake raid card in it.

When I first fired it up, it gave me a scare due to how long it takes for the POST to happen. Normally, I don’t worry about such things with large amounts of memory (if you’ve never dealt with a server, it is not to be thought of as a Ferrari, but more like a Mack truck…), but the screen remained blank for a bit longer than I anticipated.

Other than the startup time, which is a good 2.5 minutes, it runs Windows Server 2008 like a champ.

The Good
This thing runs strong. So far, I have no complaints about the hardware, cost or anything related to the physical machine other than minor details.

The OS side of things was a little iffy, so I’ll list that in the Bad section. But, I will say that Windows 2008 runs like a champ on this thing - no problems whatsoever.

On the noise front, this machine is quiet. It’s just a tad louder than the fan for my laptop cooling plate.

Here’s my Full NewEgg Review that’s listed on their product page:

Pros: Nicely built, very solid, no buzzing, etc. It’s great that it comes with a memory cooling unit as well. Cables already routed for you, clean inside.
Cons: -The 5 1/4 bays are just a tad cramped (.5mm or so), so certain things can be a bear to get in or get out if needed. For me, the middle bay, under the DVD drive was just a tad too small for a removable drive bay - had to play with it to get it in.

-No front fan and no easy way to mount one.

-Case intrusion switch can be a pain to reset. Remove battery, bridge reset pins and hold reset button for 15 seconds otherwise it’ll be a huge frustration for you. You can also just bridge the intrusion pins on the MB to not use the “feature”

-Not really a con, but the processors sit very close to the drive cage. Was pretty tight trying to get the fans on.
Other Thoughts: -Some may consider it loud, but if they’ve been in a Data Center, this noise is standard. It’s actually less noisy than it’s Dell counterparts after spin-up.

-Uses FB-DIMMs instead of normal ECC type.

-Does POST/Mem Check with no screen during fan spin-up, so don’t freak out when you first turn it on, give it a minute.

-Had one SATA cable that was bad.

Running Dual Quad XEONs E5410 2.33GHz, 12GB memory, RAID 10 on the drive cage plus RAID 1 off a Promise PCI card. Runs nicely as a VM server for web dev.

The Bad
While it’s more of my fault, due to budget constraints, I really wish that I could have gone with more than 12Gb of memory. Right now, If I turn on each machine with the max memory allowed for each, I can get a total of 4 machines running at once, but it freaks everything out since I’m using 100% of memory. If you do this, you’ll have to play with memory allocation till you get things running smoothly. The main problem here is that FBDIMMs are REALLY expensive.

Operating systems on this machine just didn’t want to play well. I attempted to load several flavors of Linux on this machine and it was just Not Fun. FreeBSD didn’t like the FakeRaid card (my fault) and complained about it from the beginning, OpenSUSE crashed hard within a day of installation, Ubuntu installed, rebooted and lost itself, etc. I gave up on the Linux/Unix stuff due to the issues related to the FakeRaid card. On the Windows side of things, I installed Windows 2008 Enterprise and it works like a champ - no problems, no complaints, no nothin’. Again, this whole paragraph was my fault.

Benchmarks
I know a lot of people just live for benchmarks. Originally, I was planning on listing them, but I don’t have time to run and rerun benchmarks on it with VMs running, not running, stress testing, etc. I found a few tools for testing IIS, but don’t have time to play around with them. I’ll probably update this post in the next week or so (hopefully) with at least an IIS Stress Test.

Note: MSDN licenses are a cheap way to setup a development lab since you can get tens of thousands of dollars in software for a hugely steep discount, but…you cannot use this software for a production environment. Also, MSDN Educational licenses are even less money, but you cannot use programs associated with them to actually sell anything you create. Some people have found out the hard way that Visual Studio actually marks your files to which license was used to create the program.

Preview of the Next Blog Post: Switching to a Mac:
I’ve been a solid Windows user since ver. 3 (yes, that clunky windows version that everyone laughs at). Before then, I was a solid, hard core, DOS user. Over the years, I’ve used FreeBSD, Digital Unix, several Flavors of Linux, and all the Apple OS’ from 7.1 to X… This month, I made a major decision to completely switch to Mac, even though I do .Net dabbling, SharePoint work and all that Windows based stuff.

I’m being my normal self and am working on a personal project to “be my own boss”. Translation: I’m coding a web application for one of my 20 or so domain names.

In the past when working on a web application, I would either write an authentication scheme or borrow from an Open Source project like PHP User Class, but this time, I think I”m going to try something I’ve never seen before - not using any coded authentication - on my end.

Over the years, I’ve managed to pick up more username and password combos on different websites than I care to even think of remembering. Every time I manage to hit one of these websites, I must remember the right username and password, if Firefox isn’t setup to remember it for me. In today’s age, however, there seems to be something that prevents me from designing this archaic system over again. Why should I write an Authentication Scheme when Google, Yahoo, Microsoft, MySpace and others have done it for me?

So, if you made it through all that and are still confused, I’m thinking about a website that could possibly be popular (isn’tthat every website?) with no “Register”, no “Login Username/Password” and all that junk. The only form of logging in is a choice of which service to log in with, be it Google, Yahoo, Microsoft Live, Facebook and possibly more.

At the moment, Alexa, as flawed as they are, lists Yahoo and Google as the two most popular websites on the web. With those two websites, I can probably cover 90% or more of my users, although I may through Microsoft’s Live authentication scheme in as well to include more people. I know Zoho and others use both Yahoo & Google together, mixed with their own authentication scheme. I’m just a little curious how this would go over.

The HTML v.5 draft was released on the 22nd and I’ve had a little bit of time to read some of the 488 pages, and there are some interesting things.

For one, there are hugely obvious sections where RSS, Video and Sound have influenced the new standard - allowing for embedding RSS directly into the HTML (ie: no widget needed) as well as new embed code for Video and Audio.

Blog influence comes in with Article and Dialog tags becoming standard inside HTML, although there are a few more than can be used as well that completely fit within the Blogging world.

So, before I get into the nitty gritty, some may wonder why the change has occurred. With the advent of so many fully-function, Web 2.0 websites, it seems that many developers, myself included, have used their own tags to show things that have become the norm. For instance, WordPress uses the “POST” class to show a post - imagine that. Even SharePoint uses “TOP” as the same indicator of content. There are several other web applications that use roughly the same DIVs for the same type of content - HTML v.5 is an attempt to standardize that. Continue reading…