i've been hesitating to post this for a couple of days, but today is a good day to become flamebait of the week - so here goes... (if this is off topic, not of interest, utter crap, ... - feel free to moderate it into oblivion)
Since a comparison between different control panels and ISPConfig was asked for in a different thread and ISPConfig v3 is going to include support for managing multiple servers, i'd like to propose something ..um.. pretty radical as a possible roadmap for the future
Please have a look at the attached diagram.
Still with me? Good, then let's have some explanations.
With a single machine control panel you have a MTA,Spam-Checker,Antivirus,Control Panel,Webserver,Databaseserver,... on every machine you deploy. Why not distribute the services onto different machines? Do it the H-Sphere or Helm way: start small with a dedicated control panel server and a web/db server and dedicate one or more machines per service as you grow.
That way you have a single point of contact for the users to sign up and administer their hosting package(s). With a dedicated configuration server you can even have more than one control panel servers.
Need more horsepower for the webservers - pop in another box and distribute the customers. If set up as a SSI-cluster this should be close to a no-brainer - talk about power on demand (TM). Same goes for the Database boxes.
In the following I'd like to add a couple of remarks concerning "Logfile Analysis", "Monitoring and Surveillance", "Config Server" and "Content Inspection":
leave the processing power where it belongs: to the customers webpages. Creating statistics for 50 or 100 customers may not be much of an impact, but what if you have a "couple" more on a box ? Additionally, traditionally every machine would do reverse DNS lookups for the stats - why not centralize the DNS-cache one one box and add some spiffy things like GeoIP to it ?
"Monitoring and Surveillance":
primarily of interest in order to get a heads up as soon as a parameter shows a tendency of leaving the green sector. As a side effect, this can be used to give the customers some insight into the performance of their hosting package and to prove that the service was inside the SLA.
in the depicted setup, this service clearly is the achilles heel. You fry this box , you're toasted. Given the easy replication of LDAP this situation might be ameliorated a bit. As a side note one might replicate the list of known users to the SMTP servers in order to reject messages without valid recipient before they enter your system (thereby avoiding Spam- or Virus-bounces).
This service does Spam and Virusscanning for inbound, outbound and "deflected" (more to that in a second, hold on) messages on a per domain or even per user basis. A single point of inspection (service-wise not box-wise
allows for the deployment of a commercial antivirus-solution with much less financial impact than the integrated one-box-does-it-all approach. Not that clamav wasn't a good thing - i just think that certain commercial scanners are doing an exceptional job concerning detection rate and fast updates.
If you're doing business in Germany you'll sooner or later have to cope with a very strange law forcing you to make provisions to hand over all inbound and outbound email along with login/logoff timestamps for a given customer to federal agencies (and I'm sure other countries already have or will have legislation like this in the near future) . This single point of inspection should be able to support just that.
If you want emails that one of your customers sends to another one of your customers (Customer to Customer messages) to be subject to scanning and potential "federal access", the emails will have to go through Content inspection and be handed ("deflected") back to the POP/IMAP servers.
Still with me? Wow, I'm impressed - so whaddaya think about this? Provided that there exists a growth path in the like of H-Sphere and Helm, could this be a road for future development?
So, Ladies and Gentlemen, please start your flamethrowers (but grant me a head start to scramble for shelter
Thanks for bearing with me,