On martin's demand, here is an experience return of using extensively on MNet and starting balancing with standard WS.
I drove from 2008 several projects of "global LMS urbanisation" highly based on Mnet strategies do divide LMS ara into administative independant, but yet consistant "zones". This was concommitant with the development of VMoodle virtualisation, leading to one single install governing all moodles in an array, largely Mnet bound. Pairformance is a 31 moodles array, using a Full Mnet topology (all node is bound to every 30 other nodes), The Académie of Strasbourg project proposes 70 singular school moodles in an array start connected to one central common unit. Paris Descartes University was installed with 13 VMoodle nodes in an enhanced Mnet auth integration so called MultiMnet, to resolve the "unique identity at every outside door (even unregistered)". All these projects could lead me to very extensively measure strengths and weaknesses of Mnet, from a functional and exploitation point of view :
- Weaknesses :
1. Key obsolescence breaking Mnet based web services / Users explicit romaing repar keys, Underlying cross platforms web services do not. We added in VMoodle a special automated key renewal (inside trust network), that works strongly since years without special care. Indeed, in case of severe perturbation (DNS break) during key renewal, this can mess largely the array, and ask me to use my massive weapon (global key renewal script)
2. Crossing information builds too many and hard to work with dependant information using remote enrolment. We actually dicard any use of remote enrolment, prefering implement a "user propagation and ask remote for enrolement" strategy, linking data much less than Mnet enrolment.
3. Multijumping from A to B, A to C and A to B to C : creating a mess of identities in C (a from A and a from B). This is easy to adress and has been resolved mostly in all our installs.
4. In some topologies (star topology), unicity of user is not guaranteed (say start moodle is S, a in A and a in B leads to 2 identities in S : a from A and a from B – we have this for public education teachers having assignation in two schools). This is under resolution.
5. Mnet has no intrinsic user identity transport when exchanging Mnet requests, the question of the remote capabilities of the calling user of the request needs to be developped in each function. My implementation of this is a bit weak and does not have standard fallbacks to drive user with a comprehensible fedback (actually makes big Moodle error, logical, but not user friendly).
Apart of those real use cases and tricky situation, and apart some roughness of the Mnet code, regarding to much "higher OO conceptual implementations, Mnet as conceptual advantages in terms of service management. So let us make some advocacy in favour of Mnet :
1. Clearness of the platform cross service agreement : The process of cross exchanging Mnet identity makes the environment network topology predictable and drawable.
2. Service organisation : While WS also present a service level definition, this one is much less formal and clear to map and monitor. The service definition in Mnet is a real good tool to design complex multi-node topologies, and formalize network service organisation. I fear we loose that easy to view architecture in a global WS system that will not differentiate any more what are internal services (structural) and what are external services (bridges, connectors, extrinsic integration). Using actual WS service definition would lead to a big work of the administrator to build and assemble webservices on each node, while Mnet just asks to enable/disable them to build the service topology).
3. The excellent "remote view of service states" when binding symmetric services.
4. Strongly dividing load on each plaform : a 50.000 students organisation falls to 10 units of 5000 students + some shared accounts that are not o many.
5. Allows distinct decisions of adminiistration and administration delegation to school departments in an autonomous way. Say a Litterature and Humanities dpt has not same needs and organisation than a Science dpt.
I noticed that initial use of mnet was thought in an open thinking of crossing information between institutions. My local experience in France is that it is never used indeed between institutions, (so for example the hub full open concept), but yet extensively of interest for urbanizing internal construction within an institution or relative institutions.