Moodle Hosting
With the ability to scale Moodle to 1 million concurrent users in a load-balanced and redundant environment, Moodlerooms is the world's premier Moodle hosting environment. Below are the details of the hardware and software Moodlerooms uses to create a scalable, fast, secure and accessible Moodle hosting environment.
Moodle Hosting Architecture
Moodlerooms has built a world-class datacenter using current best practices for maximizing operational effectiveness and security. All computing servers are the latest enterprise server technology from Sun Microsystems, with a mix of Sun Fire ‘Niagara’ and ‘Galaxy’ servers. Moodlerooms also makes use of Sun StorageTek Storage Area Network (SAN) technologies.
Specifically, the servers in the data center consist of the following models:
- SunFire 4100 x64
- SunFire 4200 x64
- SunFire 4600 x64
- SunFire T2000 Niagara
Every server has the Sun 'Lights Out' facility for remote monitoring and management.
The Sun Fire ‘Niagara’ servers are optimized for highly scalable multi-threaded applications such as web servers and application servers. The ‘Galaxy’ line of servers utilizes four-way AMD Opteron-based architectures for maximum compute power and density. Moodlerooms hosts Moodle instances running on an optimized version of the ‘Cool Stack’ for both architecture platforms. The ‘Cool Stack’ is a variant of the commonly used Open Source Apache, MySQL and PHP (AMP) platform that has been compiled with performance settings specifically for the Solaris 10 operating system.
Moodlerooms runs MySQL 5 Enterprise with a Platinum support contract from MySQL. Each database is a trusted build from MySQL optimized for Solaris 10 and is deployed into zones for independent management and fail-over.
The Sun Fire Servers are networked in a cross-patch style with failover switches for redundancy. All network traffic is handled using Virtual Private Networks (VPN) for security and efficiency.
Moodlerooms works very closely with the Sun Engineering team to continually optimize the hardware and software stack for maximum efficiency and scalability. The Moodlerooms configuration is a Reference Architecture for the Cool Stack running PHP applications on Solaris 10.
These hardware and network elements allow Moodle to run in a world-class, highly optimized environment.
Security
Moodlerooms uses both technical and human strategies to secure its important online hosting data.
- Security ports closed (ssh, sftp, etc.)
- Engineer-only access via VPN and Sun Remote Server Access
- Biometric scanning for engineers at datacenter
- Client access via Moodle Admin
- Redundant Cisco firewalls
Servers and Configuration
- Server racks built of Enterprise Sun Servers running Solaris 10
- Optimized for both the Solaris operating system and the hardware stack
- Running MySQL Enterprise Server 5.0 database with monthly rapid updates and quarterly service packs
- 99% uptime with software fail-over and redundant hardware configurations
- Cisco ASA PIX and switches to direct our current 100 Mbps of available bandwidth
- Every Moodle instance is backed up with on-site tapes and off-site storage synchronization
- Server virtualization and Solaris containers are used to scale horizontally and serve very large installations
Moodle Authentication Methods
- Manual accounts - accounts created manually by an administrator
- No login - suspends a particular user account
- Email-based self-registration - for enabling users to create their own accounts
- CAS server (SSO) - account details are located on an external CAS server
- External database - account details are located on an external database
- FirstClass server - account details are located on an external FirstClass server
- IMAP server - account details are located on an external IMAP server
- LDAP server - account details are located on an external LDAP server
- Moodle Network authentication - how different Moodle sites can connect and authenticate users
- NNTP server - account details are located on an external NNTP server
- No authentication - for testing purposes only
- PAM (Pluggable Authentication Modules) - account details come from the operating system Moodle is running on, via PAM (can only be used on Linux/Unix).
- POP3 server - account details are located on an external POP3 server
- RADIUS server - account details are located on an external RADIUS server
- Shibboleth - account details are located on an external Shibboleth server
- NTLM/Integrated Authentication (contributed plugin prior to Moodle 1.9; is part of the LDAP authentication plugin from 1.9 onwards).
The Moodlerooms Datacenter
Moodlerooms' datacenter (built by Moodlerooms with our partners at Sun Microsystems) is located at a Level 3 facility, which provides Moodlerooms' clients with a direct connection to the nation's largest, NexGen fiber-optic network. The Level 3 Network today operates as one of the world's newest and most advanced telecommunications platforms. The network delivers services to customers in major markets across the United States and Europe. It serves a substantial number of the world's largest and most sophisticated communications companies, including inter-exchange carriers, local phone companies, European PTTs, cable operators, ISPs, wireless companies, content providers, and media and entertainment companies.
In addition to Moodlerooms, others who use the Level 3 network include:
- 19 of the world's top 20 telecom companies
- 9 of the 10 largest telecom carriers in Europe
- 9 of the top 10 U.S. Internet Service Providers (ISPs)
- 9 of the top 10 U.S. cable companies
- 3 of the top 4 telecom companies in Asia
- Top 5 U.S. Wireless Service Provider
Lastly, Moodlerooms' data center is connected to the L3 network by two OC-192 connections, which offer connectivity redundancy. OC-192 is a network line with transmission speeds of up to 9953.28 Mbit/s (payload: 9621.504 Mbit/s; overhead: 331.776 Mbit/s). This is the fastest connection commonly available on the internet. OC-192 connections are preferred for use on the backbones of large ISPs.
- T1 speeds = 1.544 megabits per second
- T3 speeds = 44.736 megabits per second
- Moodlerooms' OC-192 = 9.6 gigabits per second
Additional Facilities Advantages
- N+1 electrical design and distribution, including redundant UPS and battery backup
- Automatic Transfer Switches ensure smooth transition to backup power
- 24-hour back-up generator — enough capacity to power more than 2,242 homes
- 99.999% power availability
- At least 125 watts/sq. ft. of primary breaker power
- Temperature of 72 degrees +/- 6 degrees
- Humidity at 50% +/- 10%
- Dry-piped, double-interlocked, pre-action fire protection system
- 24 x 7 security monitoring
- Biometric Palm Scan and Photo ID access cards required to enter colocation area
- 24 x 7 Closed-Circuit Video Monitoring and Logging with backup tape storage
Network
- True diverse fiber entrances
- CLLI code of BLTMMDSN
- NPA-NXX of 410-230
Moodle also offers a complex user role system for access control of items. Access is controlled via a four-layer matrix:
- A role is an identifier of the user's status in some context. For example, Teacher, Student and Forum moderator are roles.
- A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, mod/forum:replypost is a capability.
- A permission is a value that is assigned to a capability for a particular role. For example, allow or prevent.
- A context is a "space" in Moodle, such as a course, activity module or block.