Hi Everyone,
I’m new to security and load balancing techniques and hoping to learn them in case I need to in the future. I’m a webserver newbie hoping to learn and apply advance techniques. Any help or links to tutorials would be appreciated.
Currently. my 1 VPS server will composes of:
- wordpress multisite
- a custom-php dating site
- a chat app called that will be attached to my dating site and primarily uses text, and it’s caching can be externally offloaded to a Chatservice or other memcached service like Memcachier. Currently, the chat “data and objects are stored in RAM instead of a server or external source,” and for every 1000 users, it accesses the database 2 times every minute.
For now I’m on development and planning phase. I was told that the chat app will be RAM intensive and might require 4GB to 8GB to serve 100-1000+ concurrent users, hence I’m exploring scalability options.
The other options is to use their the Chatservice" to offload MEMcached processes at prices and msg exchanges, respectively:
$7 100K
$15 500K
$40 5mil
$79 unlimited
My goals:
-
Keep overall cost under $60 USD and retain more benefits if I can have a Digitalocean networking solution instead.
-
Start with Layer 4 load balancing and hopefully move on to 7 if advised.
My questions are:
- what kind of load-balancing setup would be ideal for the chat app? What are the usual costs for Layer 4 and Layer 7 with private networking?
- Not ideal= one option is to load balance multiple servers that lumps in websites and chat app together -Ideal = have a separate Memcached Server just for Cometchat (but clients has to connect to the database servers for Login first). I feel this is my ideal solution, but lack the know how.
-
Reading the DO tutorials led me to this slightly modified diagram for an ideal setup: http://www.lumiereyeg.ca/wp-content/uploads/2016/09/Ideal-setup-1.png with 2 isolated memcached servers (hmm, better 3?) Would this work ideally? Is it possible that the chat app can have it’s own Ha-proxy loadbalancer and be connected to a Slave database or a Redis+mysql instance? (security wise, what’s the ideal server app between a haproxy and the memcached cluster so SSL is applied?)
-
Correct me if I’m wrong: I hope to serve Canadians in the Alberta province and the only Canadian server is Toronto (not quite PCI compliant until later this year). So, it’s one option to use the San Francisco server for Memcached instance as it’s 500 miles less. Lastly, is it possible to private network with other VPS servers that is not digitalocean? Are there risks?
-
Lastly, if 4GB RAM is optimal for 1000+ connection, would 1 GB x 2 memcached server suffice and I slowly increase?
Thanks so much for any help. I certainly need to practice and test things out. Links to the right tutorials would help.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi Ryanpq, Thanks so much for your reply. I think I’m wayyyy over my head learning complex techniques for a website that hasn’t reached significant traffic yet.
To keep it simple, I’m hoping to use (1) web server and the (2) for chat and scale up the ram as needed. Then pray I don’t get hacked or get too many DDOS attacks that it’s a regret I didn’t plan for Layer 4 or 7.
Your answers really made me aware of the other questions I should know and hopefully with time I’ll get to the solution.
Take care for now :)
1.) From what you’ve described, this chat app imposes some special considerations on how (and if) you load balance it. If it stores all active session data in RAM, how will that data be replicated across nodes? I think the first thing will be to investigate whether you can use a multi-node setup for this app without custom coding.
2.) It could. Again it will depend on whether Redis can be used to make that session data available across nodes for the chat application.
3.) PCI compliance is generally a server level certification meaning that it’s dependent on the configuraiton of the individual server handling data rather than the network or data-center level. If you can provide some more details on these concerns I’ll be happy to inquire with the appropriate team(s). The DO private networking is only for communication between servers in the same data center inside DO. To have a private network between droplets in different regions or between droplets and servers in other locations you would likely want to look into a VPN based solution to create a virtual network between these nodes.
4.) This will very much depend on the chat app’s architecture. By storing data in RAM in the way you describe the question to ask is whether that data can be separated via a sharding method or if it would need to be fully replicated on each node to work properly.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.