Future of GlowInner GeekWeb Design

Glew Scalability and Security

Earlier today I read a great piece by Paris Gourtsoyannis of Holyrood magazine.  The item was focused on what happens next with the ICT Excellence Group report and raises some concerns that I have expressed in other posts about Office 365 Wave 14 and it’s support for mobile devices.  I’ve written several posts about Glew, which is also mentioned in the article, but I thought it would be good to answer some questions posed by “Concerned Parent” at the end of the article.  What I’m going to do is paste in the questions in bold and answer them, directing my answers at the individual who posed them. Here goes!

“my understanding would be there could be as upward of 1 million user accounts, this would need substantial infrastructure to support this, Does GLEW currently have this scalability on its existing infrastructure…” – Concerned Parent

20091028-whitehouse-drupalWell, actually the core Glew platform is built using Drupal, a scalable opensource content management system.  There are quite a few large sites that you may have heard of that use the same technology. Take two examples: whitehouse.gov the official site of the president of the USA, petitions.whitehouse.gov (where millions of Americans start and vote on petitions to the president). Both these sites register hits in the millions, are attacked on a daily basis and hold secure data.  I don’t think the USA government would deploy an insecure unscalable platform.  In fact, they contribute back to the development of the Drupal platform (you can see their Drupal contributions at http://www.whitehouse.gov/developers)

Is Glew scalable on it’s existing infrastructure?  Yes probably up to 5,000 concurrent users (which is just about the maximum concurrent users on Glow at the moment) but Glew as it is configured at the moment is a development/testing environment and not a production site. In production, with load balancing and server fallback it should scale to pretty much any size required.

“GLEW looks nice i can say that, but is it a bedroom project and totally scalable … No not in its current format,…” – Concerned Parent

simplesamlphp-sThat’s a bit of an assumption and not based on the fact that Glew is built on valid opensource software that is already proven to scale in a variety of different deployments.  For example, Authentication and Single Sign On in Glew is handled by SimpleSAMLphp, an opensource lightweight implementation of SAML2 and Shibboleth (the authentication standards used in the current Glow).  This authentication technology is used in large scale deployments around the world and in the UK is used by Cardiff University, Pearson Fronter UK, University of Kent, Loughborough University and many more. It’s a well proven technology and scalable.  Glew uses memcached technology on it’s servers to hold data in memory rather than writing to disk or database. This improves the scalability and performance of the system. Again, memcached is a proven server technology and used on systems such as Last.FM, Facebook, Wikipedia, WordPress, Twitter, Tumblr etc. etc.

Mark Zuckerberg working in his bedroom on Facebook circa early 2004.
Mark Zuckerberg working in his bedroom on Facebook circa early 2004.

As for bedroom project? The beauty of opensource software is that the best tools are available to everyone. All I’ve proven with Glew is that you can develop a scalable, secure, adaptable system using these tools and make it attractive to users.  Er…and I know of two “bedroom” projects in the last eight years that seemed to do ok. Pete Cashmore, a pupil from Banchory Academy in Aberdeenshire (not far from my home) started a technology and social media news and blog site from his bedroom several years ago. It’s called Mashable and he sold it to CNN last year for over $200 million. And the other one is Facebook. So don’t knock the bedroom project – big IT doesn’t always get it right.

“does the current GLEW admin/designer have the knowledge to scale this up to what is needed and is currently running in the GLOW infrastructure..I wouldn’t think so” – Concerned Parent

Sorry, but if you knew my background you would know that I’ve operated a web design business for the last 10 years. In fact, my largest client, a Scottish discount voucher company, grew from 60,000 to over 300,000 users in the 6 years that I provided services to them. Supporting sometimes as many as 20,000 concurrent users, I developed and deployed Payment Card Industry data security standard compliant e-commerce systems (i.e. servers and software that meet the standard required to process credit and debit card details) processing customer banking details and personal data. So, I have experience of supporting large scale systems and making it happen.  In fact, before I became a teacher, I developed software for the offshore oil sector so I know quite a lot about mission critical systems.


Glew is designed to be scalable, adaptive, mobile friendly and secure. It’s not perfect, no system is, and it’s still in development, but the technology used is very well tested.  I’d love to have a further conversation with you about any of your concerns so please feel free to get in touch.


  1. Rich Saunders

    “I don’t think the USA government would deploy an insecure unscalable platform” – Lets not be niave Charlie! Have you heard of Anonymous? 🙂
    and attacks such as:

    I also think scaleable isn’t just about technology, servers and infrastructure as you have focussed on here. It’s also about people, support and resource. I know what how you might respond to this – ‘well it’s open source so it’s supportable across the masses’

    It’s also interesting to list other successful “bedroom” projects but they are a drop in the ocean against the amount of “bedroom” projects that are likely to be taking place around the world. Only 0.0000001% are likely to become such a success I guess.

    Certainly a thought provoking and clever response to “a concerned parent” on someone elses blog but I don’t think it truly addresses all the issues raised in a non biased format.

  2. Charlie Love

    Thanks for the comment Rich. I think we all know that increasingly all systems are coming under-attack from bots and hackers. We need to be vigilant against this. I certainly have deployed Drupal in the past and had it certified as PCI compliant. As I said, no system is perfect but using the same proven tech as other big systems does offer some level of reassurance.

    The scalability in the comment on the Holyrood blog was focused on server infrastructure so I answered it from that perspective however, you are correct, offering a service does require people/support etc. Glew, as I have always said, is a proof of concept. It is funded from my own pocket – and I think could potentially offer a deployable opensource solution to education users that doesn’t cost millions – and if someone deployed Glew they would then, I’m sure, support it with their own resources.

    I’m not sure where your second last paragraph is going – much of the opensource community are “bedroom” developers who support the community in their spare time from their main development jobs – WordPress, Media wiki, Moodle, Filezilla, Apache, Mozilla Firefox, Chrome are all opensource projects so it’s not a rare phenomenon.

    I’m holding up Glew as an example of what an agile team could create using the best free and opensource software. My bias is, that I want the best system for Scotland’s learners at a price we can afford, with Glew as a proof of concept, perhaps we can consider the opensource alternative.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.