New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
The first challenge, would be getting a KS1 outside GRA.
13 orders, gave me 4 servers outside GRA.
Second one is quite easy, you add 2 A records to your domain, if GRA burns down, because wood, every recent browser will try the second IP, will add some delay but you should be fine.
Additionally, you can remove the first IP via monitoring.
reverse proxy (caddy) would be my choice
Cloudflare + add both IP as "A" records
That will rotate servers to clients.
Now to get automatic failover you need to do healthchecks and then remove "A" record of non-working server. Cloudflare will point all traffic to working server then.
You can either pay for CF Load Balancer to do it or program it yourself (health check + remove IP via Cloudflare API if its not healthy)
Another option is using Cloudflare Workers as Load Balancer, see "Load Balancer with Fallback". It will be very cheap or free.
https://blog.cloudflare.com/update-response-headers-on-cloudflare-workers/
If I use caddy to failover 2 KS1, the total price will be $12/m, less than KS3 with 2tg raid 1. Failover supposes to have much higher reliability? Am I thinking right?
Two servers with no raid will have a lot better uptime than single server with raid, because not only you are safe from disk malfunction, but also CPU, motherboard, power, random kernel crashes etc. and if you get different location then also from network issues, fiber cut etc.
Two servers is always way to go. RAID can fail. Two different machines in different places... not so easy.
well for the reverse proxy you need another machine (cheap vps for a euro per month). Caddy will do the health checks for you and also issue the ssl certificate. The thing with the a records is that getting certificates with acme could be a little bit tricky, because its a round robin and you never know which machine is answering the challenge. So cloudflare with enabled proxy could be an option too. You can monitor then both ips and add or delete as you want to via their api, and you do not need to worry about the certificates. But I guess the caddy way would be the easiest.
That will probably be more powerful than the KS-1 it's proxying!
Thanks for the detailed explanation, AXYZE.
How to automatically synchronize both phpbb user info and mysql database, like very 10 minutes?
This means that I can use 2xKS1 and 1xvps Caddy totally $13/m, almost the same as $12.99 KS3, yet provides much better redundancy?
I'm not sure about phpBB3 so I could be wrong, but I would:
Synchronize two disks via rclone so they have the same phpbb content (uploads etc.)
MySQL replica
https://www.digitalocean.com/community/tutorials/how-to-set-up-replication-in-mysql
You can wait for someone experienced in phpBB3, maybe there is better way
You dont need additional Caddy VPS, it wont give what you need, because not only these Kimsufi need to work, now also Caddy needs to work at the same time.
If Caddy VPS fails and 2x KS1 still work then website wont work.
This is method for pure load balancing, completly not suitable for your case.
This method would be nice if you would have like 2x Caddy VPS and then 4x+ KS1. Just for 2x KS1 stick to DNS-based load balancing/failover like on Cloudflare.
Thank you, AXYZE. Very helpful already.
Probably in the future when I know how to do this approach, I will do larger failover cluster on mission critical production site as you mentioned. Very nice though!
For the vps, I guess that I need Hetzner or Terrahost etc that provide 10 gbps, so that each user may have true 100 mbps, matching KS1's 100 mbps dedi port?
So Cloudflare and 2X KS1 is the way for my current low traffic phpbb site.
Just 2 KS1, it is actually cheaper than 1 KS3.
Not sure about Cloudflare fee, will check.
Thanks.
Free if you use the API from another machine to accomplish what you need.
$5/mo fllat fee if you choose to use Cloudflare Load Balancing to automate it.
More complex if you choose Workers, but free if under 10,000 requests/day and 1,000 requests/hour: https://developers.cloudflare.com/workers/platform/pricing/
If you dont want any additional fee :
Free HetrixTools for server monitoring + remove non working "A" server manually when you get alert from HetrixTools.
OR
Make app yourself. First do health checks, then if they fail remove "A" records via Cloudflare API. You can do healthchecks on both KS1 - first checks second and vice versa. No need for additional VPS.
Probably Hetrix tool first. Later may consider automation.
$5/m then I can use all these bmds with only one 1 tb or 2 tb hdd or 1 ssd disk, well worthy it.
Can Cloudflare handle the KS1's 100 mbps dedi port speed?
Yes, easily
Thank you. Seems Cloudflare with KS1 army is the way to go.
To be clear the $5/mo is only for 2 origin servers, it scales with how many youre balancing between. The posts by @AXYZE detail cheaper/free ways to do things.
Because you are running phpBB which uses Mysql , it will not be straightforward as you may think. There could be two scenario :
1. Load balancer
2. Pure failover
When you figure out your load-balancer method, you still have things to work out like,
In both cases you have to make sure that if user is going to either server, he gets the current data. You can't go Master-Slave configuration as suggested earlier. You will need to go master-master Mysql setup. You may also go for Galera Custer .
In load balancer mode, you will next also take care about session consistency for user. phpBB can use redis / memcached for that. Although if database session is being used then master-master replication will solve it already.
You are totally right. phpbb seems not so good at clustering comparing to other application server based apps. I will try to learn the way you mentioned. Thank you very much for your experienced insight.
So, I was bored.
Moved my https://wiki.x8e.net to my baguette cluster.
We got:
1x KS1 in Gravelines 1
1x KS1 in Roubaix 4 ( shadow)
1x Avoton in Paris
Could also used a KS1 in RBX5, however the DC's are to close.
In different DC's and some on Different Networks.
2-5ms in-between them.
Storage is replicated with gluster, connected via mesh vpn (wireguard).
Everything from ssl to nginx configs and the wiki itself runs on gluster.
So no local config files or local mess.
Round Robin with the 2 IP's will do the rest, no external monitoring needed for now.
Will this cluster survive a possible SBG in GRA? yes
Would it survive a possible RBX? no
It can loose 1 node, if we loose more than one, toast.
To compensate for a possible RBX, it would be necessary to run 5 nodes.
Sadly, I got only 4 nodes for this, I need 5.
I could not find any cheap other Provider on a different Network with the same pricing and specs.
Performance wise, I managed it to bring it below 1s FTTB, however its still not performant enough, will do need to do more tweaks.
If anyone has tips, lemme know.
Another hacky option: have each machine run a DNS server and be authoritative for the domain (with an extra step you could delegate a sub-domain this way too) but each only returns its own address in response to requests, with a really short TTL. Normally each machine should see traffic as the name servers are used round-robin, if a machine goes offline it stops responding so the other will be used by downstream resolvers so requests get redirected automatically (once the TTL has expired).
You would basically be (mis)using standard DNS behaviours to handle fail-over.
Want to drop a machine from circulation? Just stop it. Remove the NS entry if you want it off permanently. Adding a new machine? Just set it up the same way, copy in the content, and add the NS entries.
Of course this has a number of disadvantages:
But for static (or otherwise low-state) content where fail-over is the key feature (i.e. balancing is at most a nice-to-have), it should just work.
Here's my script that updates the DNS as described:
https://github.com/mwt/monitor-dnsupdate-cf
It only works for Cloudflare. It does a check with curl and changes the DNS if curl times out.
As explained here:
https://blog.l0cal.com/2015/04/30/using-dns-as-a-cheap-failover-and-load-balancer/
For basic needs, it works. Throw extra features in the equation (e.g. SSL, or DNSSEC with live signing) and it becomes (w)hack-ish.