Building and Scaling a Website – Part 2

Posted on by Mohammed

Scaling

In Part 2 we will further scale your website to use 3 servers with a Load Balancer, Private Network, and Shared Storage.

One Server will act as the MySQL Server while the other 2 will Load Balance to handle Web requests.

Shared Storage

1). In the IONOS Cloud Panel go to Infrastructure > Shared Storage > Create

Make sure to assign it to your current Cloud Server you configured in Part 1.

2). Next click on Access in the top-right and go to

Kerberos configuration: Download File

3). Transfer or copy the files within to /etc

4). yum install -y nfs-utils

5). systemctl enable nfs-secure

6). systemctl start nfs-secure

7). reboot

8). mkdir /shared

9). vi /etc/fstab

vid1557507882.nas2.lan:/vid1557507882 /shared nfs sec=krb5 0 0

10). hostnamectl set-hostname mywebsite.com

11). mount -a

12). df -h

Filesystem                             Size  Used Avail Use% Mounted on
/dev/mapper/centos-root                 28G  2.1G   26G   8% /
devtmpfs                               223M     0  223M   0% /dev
tmpfs                                  235M     0  235M   0% /dev/shm
tmpfs                                  235M  9.5M  225M   5% /run
tmpfs                                  235M     0  235M   0% /sys/fs/cgroup
/dev/sda1                              509M  200M  309M  40% /boot
vid1557507882.nas2.lan:/vid1557507882   50G  128K   50G   1% /shared
tmpfs                                   47M     0   47M   0% /run/user/0

13). cp -a /var/www/mywebsite.com/ /shared/mywebsite.com

14). vi /etc/httpd/conf.d/mywebsite.conf 

<Directory "/shared/mywebsite.com">
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^(.*)$ https://mywebsite.com/$1 [R=301,L]
</Directory>
<VirtualHost *:80>
    ServerName mywebsite.com
    ServerAlias www.mywebsite.com
    DocumentRoot "/shared/mywebsite.com"
</VirtualHost>
<VirtualHost *:443>
    ServerName mywebsite.com
    ServerAlias www.mywebsite.com
    DocumentRoot "/shared/mywebsite.com"
    SSLEngine on
    SSLCertificateFile "/etc/letsencrypt/live/mywebsite.com/cert.pem"
    SSLCACertificateFile "/etc/letsencrypt/live/mywebsite.com/chain.pem"
    SSLCertificateKeyFile "/etc/letsencrypt/live/mywebsite.com/privkey.pem"
</VirtualHost>

15). useradd nfs

16). passwd nfs

17). su nfs

18). kinit nfs/uid929361.nas2.lan -kt /etc/krb5.keytab

19). crontab -e

1 * * * * kinit nfs/uid929361.nas2.lan -kt /etc/krb5.keytab

20). exit

21). vi /etc/httpd/conf/httpd.conf

User nfs
Group root
<Directory "/shared/mywebsite.com/">
    AllowOverride all
    # Allow open access:
    Require all granted
</Directory>

22). chmod 755 -R /shared/mywebsite.com

23). Check to make sure your site’s .htaccess only shows the following:

cat /shared/mywebsite.com/.htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

24). apachectl -k restart

SSL

1). mkdir /shared/ssl

2). cd /shared/ssl

3). git clone https://github.com/certbot/certbot

4). certbot

5). mkdir /shared/keys

6). ./certbot-auto certonly –webroot -w /shared/mywebsite.com/ –register-unsafely-without-email –config-dir /shared/keys -d mywebsite.com

7). vi /etc/httpd/conf.d/mywebsite.conf

<Directory "/shared/mywebsite.com">
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^(.*)$ https://mywebsite.com/$1 [R=301,L]
</Directory>
<VirtualHost *:80>
    ServerName mywebsite.com
    ServerAlias www.mywebsite.com
    DocumentRoot "/shared/mywebsite.com"
</VirtualHost>
<VirtualHost *:443>
    ServerName mywebsite.com
    ServerAlias www.mywebsite.com
    DocumentRoot "/shared/mywebsite.com"
    SSLEngine on
    SSLCertificateFile "/shared/keys/live/mywebsite.com/cert.pem"
    SSLCACertificateFile "/shared/keys/live/mywebsite.com/chain.pem"
    SSLCertificateKeyFile "/shared/keys/live/mywebsite.com/privkey.pem"
</VirtualHost>

8). apachectl -k restart

9). crontab -e

0 23 * * * /shared/ssl/certbot/certbot-auto renew --register-unsafely-without-email --post-hook "apachectl -k restart"

MySQL

1). mysqldump -uwordpress -p wp > backup.sql

2). Login to your new Server you have assigned to be your MySQL Server

3). Transfer the backup from step 1 to it.

4). yum update

5). vi /etc/yum.repos.d/MariaDB.repo 

[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.2/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

6). yum install MariaDB-client MariaDB-server

7). service mariadb start

8). mysql_secure_installation

9). /etc/my.cnf.d/server.cnf

bind-address=0.0.0.0

10). service mariadb restart

11). mysql -uroot -p 

Create DATABASE wp;
CREATE USER 'wordpress'@'%' IDENTIFIED BY 'Xsfd2V^dg1';
GRANT ALL PRIVILEGES ON *.* TO wordpress@'%' IDENTIFIED BY 'Xsfd2V^dg1' WITH GRANT OPTION;

12). mysql -uwordpress -p wp < backup.sql

Private Networking

1). In your IONOS Cloud Panel shutdown both servers

2). In your IONOS Cloud Panel go to Actions > Clone to make an identical copy of your current webserver.

3). In your IONOS Cloud Panel create a new private network.

Assign all 3 servers to this same network.

4). Assign the now Cloned Web Server to your shared storage

4). Restart your servers

5). Login to your first server

6). ifconfig

You should now see a new interface that you didn’t have before

7). vi /etc/sysconfig/network-scripts/ens224

DEVICE=ens224
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.0.1
NETMASK=255.255.255.0
USERCTL=no
VLAN=yes

8). ifup ens224

9). Repeat steps 5-7 and be sure to adjust the device name and to use new IPs on line IPADDR, 192.168.0.1, 192.168.0.2, etc

10). You should now be able to ping using the new private IPs between the servers

11). vi /shared/mywebsite.com/wp-config.php

/** MySQL hostname */
define( 'DB_HOST', '192.168.0.1' );

12). systemctl stop NetworkManager.service

13). systemctl disable NetworkManager.service

14). systemctl enable network.service

15). systemctl start network.service

16). vi /etc/rc.local

ifup ens224

17). chmod +x /etc/rc.local

Load Balancing

1). Create a new Load Balancer in your IONOS Cloud Panel

Assign only your 2 Web Servers to it

2). Configure it how you want but my preferred settings are: 

Health Check: ICMP Test ( 5s ) 
Persistence:No
Balancing procedure: Round Robin

If you are running a online shop you will want to have Persistence enabled to ensure a better online shop experience.

3). Update your Website’s DNS A record to point to the new Load Balancer IP.

Conclusion of Part 2

You have now created a scalable cluster of 3 servers.

In the future if you need more or less resources for Apache you can clone or remove one of your Web Servers . Make sure to add them to the Private Network or Load Balancer if adding more and configure the LAN interface on a new IP as well.

In Part 3 we will explore creating a scalable MySQL Cluster to handle increased MySQL load as well.

  0 people found this article useful

Mohammed has written 63 articles

2 thoughts on “Building and Scaling a Website – Part 2

  1. Hairstyles Look says:

    Just desire to say your article is as astonishing. The clearness in your post is simply nice and i can assume you’re an expert on this subject. Well with your permission let me to grab your feed to keep updated with forthcoming post. Thanks a million and please continue the enjoyable work.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>