December 6, 2010 at 12:23Decide the fate of the project: Winnie cloud - cloud Ruby hosting
I already told you that I visited Poland at Democamp 2010 and met many owners of promising Polish startups.
The Polish guys, the creators of Winnie Cloud , were asked to find out if their startup would be in demand in Russia. And I hope you can help me provide a general picture of what is happening in this area in the comments.
The basic idea is secure cloud hosting for Ruby on Rails.
It is worth starting with the fact that Winnie Cloud was originally a closed cloud, created to support applications for their own customers. But because of the uniqueness of the service and the confidence that the service will be in demand, it was decided to make the hosting publicly available.
The whole architecture is graphically illustrated:
The main "feature" of the hosting is increased attention to the security of application data. Each application is isolated in its own virtual environment, has its own network and database. This solution protects the attacker application from accessing data. Below we consider all aspects of security in a little more detail.
There is only one moment when traffic from various applications passes through a common channel: the HTTP interface. All other parts of the system are safe and isolated to ensure data security.
In collaborative environments, there are many ways to intercept traffic. In Winnie Cloud focused on all aspects of web hosting and improve their security.
When working in virtual environments, there is the same problem as in conventional ones - on one server, one process has many possibilities to influence other processes. There is a possibility of interruption of the process and even obtaining administrator rights on the server. So far, the only way to secure the application is to place it in an isolated environment (virtual machine).
For each application, Winnie Cloud allocates a separate virtual machine so that it cannot access the processes of others.
Even the most optimized database servers can be inefficient due to non-optimized queries that retrieve millions of records from multiple tables at once.
Vulnerabilities on database servers are quickly fixed, but even then there is a tiny chance of getting data from other applications.
In Winnie Cloud, each application gets its own database server to avoid data loss and performance.
There is one more thing that an application can do on its virtual machine. Obtaining administrator rights, it can intercept all traffic on the network to which it is connected.
Winnie Cloud uses IPsec to provide only the necessary and secure connections between all network nodes. Thus, the only thing an attacker can intercept is his own traffic.
Winnie Cloud gives each application its own HTTP cache and full control over its contents. Thanks to cache directives that can be changed manually, the possibility of damaging the cache of another application is excluded.
I turned to the Evil Martians on the prospects of this startup:
Also, according to Martians, an interesting option for Russia is Skalaxi . They have reasonable prices and servers in Russia with a good channel. On the other hand, Skalaxi is not a Ruby service, but rather follows the Amazon model, providing scalable root-access servers.
I urge you to comment in the comments if such a service as Winnie Cloud is needed in Russia.
PS At the same time, check the hosting for Habraeffect =)
The main "feature" of the hosting is increased attention to the security of application data. Each application is isolated in its own virtual environment, has its own network and database. This solution protects the attacker application from accessing data. Below we consider all aspects of security in a little more detail.
Security architecture
There is only one moment when traffic from various applications passes through a common channel: the HTTP interface. All other parts of the system are safe and isolated to ensure data security.
In collaborative environments, there are many ways to intercept traffic. In Winnie Cloud focused on all aspects of web hosting and improve their security.
Independent Virtual Servers
When working in virtual environments, there is the same problem as in conventional ones - on one server, one process has many possibilities to influence other processes. There is a possibility of interruption of the process and even obtaining administrator rights on the server. So far, the only way to secure the application is to place it in an isolated environment (virtual machine).
For each application, Winnie Cloud allocates a separate virtual machine so that it cannot access the processes of others.
Separate database server
Even the most optimized database servers can be inefficient due to non-optimized queries that retrieve millions of records from multiple tables at once.
Vulnerabilities on database servers are quickly fixed, but even then there is a tiny chance of getting data from other applications.
In Winnie Cloud, each application gets its own database server to avoid data loss and performance.
Separate network
There is one more thing that an application can do on its virtual machine. Obtaining administrator rights, it can intercept all traffic on the network to which it is connected.
Winnie Cloud uses IPsec to provide only the necessary and secure connections between all network nodes. Thus, the only thing an attacker can intercept is his own traffic.
Separate cache
Winnie Cloud gives each application its own HTTP cache and full control over its contents. Thanks to cache directives that can be changed manually, the possibility of damaging the cache of another application is excluded.
Expert opinion
I turned to the Evil Martians on the prospects of this startup:
Judging by the description on the Winnie Cloud website , the guys are very close in technology to Heroku . Technologically, this is very interesting, since their model gives less headache when deploying. Also, in comparison with the same Heroku or RackSpace Cloud Servers , hosting in Europe is a significant plus in the struggle for a place in the sun. Of the obvious minuses, it is worth answering:
- Quite high prices in comparison with other cloud hosting services ( Heroku, RackSpace, Oversan, comparable to AWS );
- Choosing a hosting is like choosing a bank: first of all, you need complete confidence in the structure and service, and secondly, you need opportunities; there is strong competition from both Heroku and RackSpace Cloud Servers for fame;
- Less features than Heroku with the same architecture.
Also, according to Martians, an interesting option for Russia is Skalaxi . They have reasonable prices and servers in Russia with a good channel. On the other hand, Skalaxi is not a Ruby service, but rather follows the Amazon model, providing scalable root-access servers.
I urge you to comment in the comments if such a service as Winnie Cloud is needed in Russia.
PS At the same time, check the hosting for Habraeffect =)