High Level view of ISPConfig?

Discussion in 'General' started by TonyG, Sep 1, 2020.

  1. TonyG

    TonyG Active Member

    Has anyone created a document/article/blog that describes ISPConfig at a high level? The User Manual is all about implementation details, made by people who know the platform, for people who know the platform. Yes, there are some good examples too with a walk-through. I'm looking for something a step above that. For example, start with an example of a use-case, describe the topology, add an image. Then when we look at the user manual we'll have a much better idea of exactly where we are going and how the pieces fit together.

    So far, my understanding (probably wrong) is as follows: ISPConfig runs in a Master/Slave configuration, where all slave/maintained servers are controlled by a single primary system. Open ISPConfig on the primary server, view and configure all of the secondaries. To make this happen, install ISPConfig on every server that is to participate in the network. The installation for each server only needs to include the components which will be administered from the primary. There might be one system that runs all databases, one mail server, and several servers running client websites. To add a new system into the network, provision the hardware, install the OS, install ISPConfig, link the primary and this new secondary using the documentation.

    Again, this could be wrong, but it looks like inter-system communication is done primarily through SSH via root login from the primary to secondaries. OR ... is there some other client/server interface where messages sent from the primary get processed/executed on secondaries?

    I'm planning out a new small network, so I need to have this view in my head to ensure all of the pieces are being installed where required. Not mentioned above but I will have primary/secondary DNS. I will mirror the ISPConfig master, and need to create a backup/mirror strategy that will allow for recovery of a secondary system without getting out of sync with the master configuration. I'm going to script as much as I can (Ansible and shell) to do the initial install/config on secondary systems and avoid repetitive manual operations. Is there a place where people discuss scripting like that?

    I dunno what I don't know... If docs/blogs already exist that describe the environment like this, please post more links to them in common places. If I've missed such docs - sorry! If this material doesn't exist, I'll do what I can to write it as I come to understand it.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    In an ISPConfig multiserver system, the slave nodes connect to the master MySQL database and poll changes from the sys_datalog table. The sys_datalog is an internal transaction log that allows ispconfig to keep systems in sync even if a slave node is offline for some time. So there is not root connection between the nodes and no ssh connections. The MySQL user used to connect from slave system to master has the naming scheme ispcsrvX where x is the numerical ID of the server.
  3. TonyG

    TonyG Active Member

    That's REALLY helpful. Thank you @till. It's interesting that this is exactly what I am creating right now with a new WordPress plugin to allow systems within a network to exchange administration-level data, though I'm using REST queries rather than direct db queries.

    To be clear, am I missing this kind of information elsewhere? Or is this really just a view that hasn't been documented yet? Can you recommend some other source? I understand that time taken to write docs takes away from the limited time available to write code. So, no pressure, I'm just trying to understand what we have in this ecosystem.

    Is my understanding of the initial installation correct, that each server requires its own instance of ISPConfig in order to participate in the network? And ... is anyone automating that? I might just configure one system, save the image, and spin that up for each new secondary/slave. Reasonable?

    As I was glancing over the user manual there was a note in there about allowing non-password root access between systems. That's why I incorrectly jumped to that theory. I will certainly read everything more closely as time permits.

    Thanks again.

Share This Page