If you have a busy, data-driven website it's advisable to spread the 'webserver' load over a couple of servers, and have a backend database server. This tutorial explains how you can build such an environment for yourself with the Web Drive Cloud.
- You can use one single IP address; It's more cost-effective than multiple public IP addresses.
- The built-in load-balancing ensures each web server takes only 50% of the traffic. You can scale this up with either more resources for the servers, or adding more servers to the your load-balanced environment.
- Running SSH on custom ports avoids the common brute-force attacks that target default ports.
- Safer practice to avoid various attacks, as public IP and NAT rules can be changed very easily.
- The MySQL server is unreachable from the internet, and only communicates with your webservers (other than SSH via a non-standard port, if required in production)
How to Set Up:
This knowledgebase article assumes:
- You already know how to set up Secure Shell (SSH) to one of your Servers. (Please see How to set up Secure Shell - SSH).
- You understand how to use various public-facing ports to point to different private servers (Please see Using one public IP address to connect to several cloud servers.).
In the example below, we have two web servers sharing the load of generating the web pages. Each server uses the standard SSH port (22) on its internal IP address. These are unreachable from the internet, however the single external address has multiple, non-standard ports open, each of which point to the standard ports on the internal range. Each server also receives 50% of the incoming requests.
'Behind' these web servers we have a standalone database server which is inaccessible from the net, which will carry the load of fetching the data for the webservers.
Note: If you plan to use the web servers to handle file uploads (for example a Joomla or Wordpress scenario) then you'd need to add a file server capability to the backend - either via the database server or by adding a separate fileserver (NAS) server.
Examples with IP addresses:
- 22.214.171.124 port 80 points to 126.96.36.199 port 80 AND 188.8.131.52 port 80
- 184.108.40.206 port 1903 points to 220.127.116.11 port 22
- 18.104.22.168 port 1904 points to 22.214.171.124 port 22
- 126.96.36.199 port 1905 points to 188.8.131.52 port 22
- All three servers communicate MySQL traffic on port 3306, which cannot be reached publicly.
This is an effective setup with good security and a single public IP address for a busy data-driven application or site.