This is our customer-focussed project list and current status, in priority-order (lowest to highest).
Recently completed items are marked with a tick (in order of date completed).
Follow @metawerx on Twitter to keep up to date on our progress!
Metawerx Roadmap | Complete |
Instant Provisioning - PayPal PDT and IPN integration (done) - Work out strategy for instant provisioning of databases (done) - Work out strategy for instant provisioning of new JVMs (done) - VM control panel in SiteWinder allowing customers to add/delete/pause/resume JVMs (65%) - VM control panel in SiteWinder allowing customers to add/delete databases (50%) - Show all JVMs owned by customer in SiteWinder and allow File Browser, JVM restart and other standard features (done) - Facility for instance-templates to auto-configure new instances on startup, including use-template, copy-instance or plain (fresh) options (80%) |
76% Complete |
Instant Scalability - VM control panel in SiteWinder allowing customers to modify JVM specifications (80%) - On-demand disk-space provisioning (30%) - On-demand changes to traffic provisioning (done) - On-demand changes to JDK and Tomcat versions (done) - CPU auto-scaling system (done) - RAM auto-scaling system (done) - Add more servers, more RAM for currently foreseeable scalability requirements (done) - Automate new-server configuration to allow fast addition of new servers (done) |
83% Complete |
AES-Encrypted Offsite Backup Encryption - This task focuses on isolation between offsite backup servers and primary servers. Neither system should trust the other. Additionally, the backup system should accommodate a breach without putting user data at risk. - Complete and review internal research paper: Information retrieval from a breach of an offsite-backup server - Complete and review internal research paper: Offsite-backup erasure via a breach of a primary server - Use Advanced Encryption Standard (AES) as recommended by FIPS and NSA - Encryption for MySQL 4.x, 5.x backups - Encryption for MariaDB 5.x backups - Encryption for MongoDB 2.x backups - Encryption for CouchDB 1.x backups - Encryption for PostGreSQL 8.x, 9.x backups - Encryption for SQL/Server 2005 backups - Encryption for Subversion backups - Encryption for all dedicated database instance backups - Encryption for Cloud-Filesystem backups - Encryption for Cloud-Master backups - Ensure offsite backup servers only have read-only access to Metawerx servers, in case of breach of offsite backup server - Ensure offsite backup-areas cannot be accessed by Metawerx servers, in case of breach of primary servers - Ensure there is no offsite backup of security keys used for backup-encryption and encryption-key storage follows all Metawerx protocols |
|
Live Tail System - View logs in real-time in your browser - Support WebSockets 1.0 - Support older browsers - Support tablets |
|
Mobile/Tablet version of Customer Control Panel - Support Android, Apple, BlackBerry/RIM, Symbian, Windows Phone and Amazon Kindles - Secure Server-Side KeyRing PIN authentication system - Restart Tomcat/JBoss/Glassfish - Restart Individual Apps - Check Financial History, Balance, Pay Invoice - Browse Files with Upload, Rename, Replace, Delete, View, Download - Browse backups, Diff backups, Restore files/folders - View and Tail Logs - View Charts - View Traffic Reports - Mail Server Administration - Domain Administration |
|
Add CouchDB Support - 14 days of rolling backups - Encrypted offsite backup - Block level replication to failover server - Database failover implementation - Security investigation and lockdown - AppArmor security profile - Monitoring, including monitoring on failover device - Remote access to Couch and Futon via SSH Tunnel |
|
SiteWinder Single-SignOn System - Eliminate server-list on login screen - Single login point allows access to the primary server for the account - Automatic authentication to subsystems on separate servers using a central Auth server and SecureRandom/HMAC token system |
|
Add MongoDB Support - 14 days of rolling backups - Encrypted offsite backup - Block level replication to failover server - Database failover implementation - Security investigation and lockdown - AppArmor security profile - Monitoring, including monitoring on failover device - Remote access support via SSH Tunnel |
|
Dynamic JVM Cloud (BeanCloud) with Multi-Server Failover and Heuristic Load Distribution - Any time a JVM is started or restarted, multiple servers contribute to a vote, describing their CPU, I/O and RAM load to determine the best server to run the specified JVM - Based on the vote, the JVM is started on the most appropriate server - In the case of complete hardware failure of a Java server, all JVMs from that server immediately enter the startup JVM pool and will be started on the most appropriate server - User-Designed Page or Default Maintenance Page is displayed during the restart/migration of the JVM using Metawerx EpicFailover - Multiple cloud-controllers patrol the cluster and initiate automatic repair, identify anomolies and alert support - StandAlone mode is initiated if all cloud-controllers fail, enabling standalone servers to restart failed JVMs independently |
|
Redundant Remote-DB Gateway Servers - A critical component for companies using our Remote Database Service / Persistent DB Connections - In the case of complete hardware failure of an SSH gateway server for remote database access, another server immediately and transparently takes over incoming SSH connections |
|
Online Backup History / Online Restore - Users can access their last 14 days of nightly filesystem backup history directly in SiteWinder file-view - Easy-to-use "Restore" feature for deleted files and folders - Option to rename existing file/folder with a ".old" extension when restoring - "Restore-As" feature to restore an old version using a new name - Deleted files and folders are shown in SiteWinder crossed-out, allowing the same features as active files/folders (list revisions, restore, restore-as) - Deleted folders can be browsed directly, for restoration of individual files or subfolders contained in the deleted folder - View file/folder changes since specific backups |
|
Online Text Editor - Browser-based Text-Editor using a modified version of SourceForge CodeMirror - Make emergency changes to JSP/JS/CSS/HTML etc... - Edit server.xml or web.xml online, skip the download/edit/upload process, then simply restart their app or JVM - Save-As feature - Unified Diff-Preview and Keep-Editing / Discard-Changes mode - Editor controls for SmartIndent, TabIndent, TabSize, Theme, BracketMatch, WordWrap, Preview and SmartIndent - Preferences are saved in cookies - MouseOver help - Auto FileType detection and mode-selection - Undo/Redo, Code Folding, Syntax Highlighting - UTF8 international file support - AutoIgnore DOS/Unix CRLF differences |
|
Dual STONITH Power Controllers - STONITH means "Shoot The Other Node In The Head" - Automatically detects complete server failure (eg: network card error, system lockup) - Reboot-status monitoring / automatic recovery check and alerting system - Metawerx Power Control initiates full power-cycles of failed servers using Dell remote-access hardware - Dual STONITH servers, so if one goes down it can be auto-rebooted too, providing automated reboot-control over the entire Metawerx network and our new HA-Cluster - Dell remote-access hardware based storage level failure detection - Advanced sanity check system ensures that monitoring failures don't create false-positives, which could otherwise result in a cluster-wide cascade failure |
|
AppArmor Implementation - AppArmor provides an extra layer of sandboxing around binaries - Using AppArmor around all JVMs and databases, we have a redundant security layer over our existing Linux/Java layers - Custom AppArmor profiles for Metawerx Mail - Custom AppArmor profiles for Metawerx Mail Admin - Custom AppArmor profiles for SiteWinder - Custom AppArmor profiles for Customer JVMs - Custom AppArmor profiles for DNS servers - Custom AppArmor profiles for MySQL and MariaDB - Custom AppArmor profiles for PostGreSQL - Custom AppArmor profiles for MongoDB - Custom AppArmor profiles for CouchDB - Custom AppArmor profiles for Apache (non-Java control panels) - Custom AppArmor profiles for Subversion - Custom AppArmor profiles for FTP |
|
Redundant POP3/IMAP Mail Mirrors - Redundant Mail servers for High Availability - In the case of complete hardware failure of any primary mail server, another server must transparently take control of POP3/IMAP requests within 20 seconds - Automatic 2-way failover - Manual failover/failback capability - Support POP3, IMAP, Mail Administrator - STONITH system: Initiate a hard-reset of failed servers using Metawerx Power Control | |
Redundant Database Mirrors - MySQL/MariaDB/PostGreSQL - Redundant Database servers for High Availability - In the case of complete hardware failure of any primary DB server, another server must transparently take control of database requests within 20 seconds - Automatic 2-way failover - Manual failover/failback capability - Support all instances of MySQL, MariaDB, PostGreSQL, MongoDB, CouchDB - STONITH system: Initiate a hard-reset of failed servers using Metawerx Power Control |
|
Redundant FTP Access - Redundant FTP servers for High Availability - In the case of complete hardware failure of any primary FTP server, another server transparently takes control of FTP requests within 20 seconds - Fully automated 2-way failover within 20s - Manual failover/failback capability - Separation of FTP server from cloud storage devices - STONITH system: Initiate a hard-reset of failed servers using Metawerx Power Control |
|
Monitoring Improvements for Cloud Infrastructure - Automated creation/distribution of ERAI monitoring scripts - Cloud filesystem infrastructure monitoring - Parallel service restart to increase migration and restart performance when multiple JVMs are being relocated or restarted at the same time - Parallel alert-sender to avoid mail sends or mailserver outage delaying the monitoring loop - Parallel monitoring threads for command-based checks - Scan for offline processes separately to probe-tests to improve downed-process detection performance from ~30s to around ~90ms - FastResume checks to determine whether Tomcat is ready without waiting for timeout or using continual TCP/IP probes - Auto-detect process failure-to-start using separate timer, faster than waiting for normal full-timeout - Auto-detect when queued services already restarted manually by admin - Detect OutOfMemory exceptions, report them by email, restart the JVM - Detect High-CPU conditions and report the thread and if possible the lines of JSP code |
|
Tomcat JVM Dashboard Meters - Various metrics are available to customers so they can monitor their usage in real-time within SiteWinder - RealTime CPU Meter - RealTime Traffic Meter - RealTime Disk I/O Meter - RealTime RAM Meters (Total,Perm,Heap,CC) - RealTime Request/Response Time Meters - RealTime Session Active/CreatedPerMin Meters - RealTime GC time - RealTime HotSpot Compilation time - RealTime Stateful Firewall / Threat prevention monitor - RealTime HTTP Throttling monitor - 1 hour per minute, 300 mins per 5 minutes, 900 mins per 15 minutes, 2.5 days per hour, 10 days per 4-hour, 20 days per 8-hour, 2 months per day switch-panel - Zoom mode to see 300+ periods - Asynchronous load and cache per chart with Ajax-loader image - Fully supports Tomcat 6, Tomcat 7, Tomcat 8 - Support Tomcat 5.5 and JBoss 6.0 via custom additions - Available within customer control panel |
|
Service/System Status Page - All services should be reported on a public status page so customers can see the status of services important to them on demand - One-line global summary to see issues instantly without scrolling down the page - Display one-line global summary on SiteWinder login page if there are any alerts |
|
Cloud Storage Migration - Linux - All customer data is kept on two separate disk-arrays devices to provide zero-data-loss in case of complete hardware failure of an array - Automatic array-level 2-way failover - Manual failover/failback capability |
|
Tomcat DIGEST support - All Tomcat JVMs to be switched over to HTTP-DIGEST support to prevent the submission of plain-text passwords when using the Tomcat Manager application |
|
FTPES Upgrade - FTP systems must support TLS - All users must be encouraged to use FTPES and stop using plain FTP |
|
Mail Security Upgrade - All incoming and outgoing mail to support TLS encryption - Implement separate SSL ports and also STARTTLS for POP3/IMAP/SMTP - All mail users must be encouraged to use SSL services for email - Use salted passwords, multiple iterations |
|
Failover/Maintenance Page - If a site is being restarted or is offline, users of that site should be redirected to a Temporary Maintenance Page or Failover JVM - Each customer should be able to fully customise their Maintenance Page to fit with their site design and branding |
|
Customer Tools Upgrade to 100% SSL - All Metawerx tools including SiteWinder, webmail and administration subsystems must use SSL - FTP must use SSL, with a valid certificate - IMAP, POP3 and SMTP must use SSL, with a valid certificate |