Hello All, First of all I'd like to thank the developers for the great work that is being done with ISPConfig. I have a single server set-up that is working fine, although I do find some issues (not ISPConfig related) with the SAN where the iSCSI drives are running which sometimes lead to the server being out of service. I am thinking about moving to an high-availability solution and I'd like to get some advice on how to do that. I have read the manual and the tutorials on multi-servers but I get stranded on how I'd achieve my goal, hence this post. The actual scenario is the one on the picture below: Nothing fancy about this one... The new scenario I've thought is: The big differences are: 1. I am adding a 2nd Internet access 2. The firewall has load balancing capabilities (pfSense) 3. Every "02" server (web-02, mail-02, etc) would be in sync with the corresponding "01" 4. I understood that the ISPConfig can only run on one server so I'll have it reverse proxied from the web-01 (replicated to web-02) to the actual machine where it is running. 5. All the servers are virtualised under VMWare. 6. The "01" servers will be on a physical host and the "02" on a different physical host for resiliency. The SAN where the corresponding iSCSI will be running will be different too. My main purpose is to increase service availability and allow for maintenance (updates, reboots, etc.) during daytime, which I can not do today for availability reasons. Questions: 1. Do you think this is a possible/feasible/recommended design? 2. Is it possible to migrate the existing server to this new architecture without losing any data, including customer access credentials? I am willing to do it in steps like, for example, moving from 1 server with all services to 2 servers with all services and then start moving services away for new servers that are added. 3. Is there any tutorial on doing what I am planning? (I could not find a clear one) 4. One last thing that I'd like to achieve is: I currently run an independent web server for a single Customer because he has a very old web app that only runs in a very old PHP version. I created the site on ISPConfig but using the apache directives I reverse proxy to that machine. Can I have multiple php versions in this scenario on the web servers? Any guidance and feedback is most appreciated! Thanks, Fernando
1. Yes. 2. I think so. 3. I also couldn't find any tutorials for the migration from single perfect server to HA multi server though I always refer to the cluster setup tutorial for HA other than the multi server tutorials and manual. You should buy migration tools and get professional ISPConfig support. 4. Multi php versions are already possible. There is no doubt about it. In addition to the above, in other thread, @till explained that HA of ISPConfig GUI is possible but the most important is HA of this master database of which the above mentioned cluster setup tutorial has its guides.
well, wouldn't that still be the case, even with highly available servers in front of the SAN? you can move services eg mail, from the master ispconfig server to another member server, but it may be simpler to create a new master server, add the new member servers to the new master, and then migrate services and accounts from the old master to the new servers. not sure of your loadbalancer/firewall config, but you might want to consider using two, in failover mode to avoid a single point of failure there. also, depending on your what websites you're hosting, ie what cms most of them use, you may want to consider leaving the databases for them on the webserver themselves rather than having them separated. tried a separate database server on aws, and even with fast/low latency links, lots of cpu's and ram, etc. the way wordpress in particular uses databases, it was quite noticeably slower than keeping the websites and databases together.
The SAN issues have been identified due to load issues. That's why I am also adding a 2nd SAN to offload some of the iSCSI hosts. Would I be able to move the contents (websites, mails and domains) to new servers while maintaining login credentials? That will be a next step for sure, although for now is not a priority because the FW load is very low. I never thought about moving the databases away - just having dedicated servers in this setup in the same LAN.
if you're keeping your existing master, adding servers to it, and then moving sites/mailboxes etc, yes. once you've added the new servers, you change the server_id for the relevant services in the master database, and then run a resync for those services on the new server, and it'll create all the relevant files/folders. for dns, that should be all you need, for websites, mailboxes, you'll need to rsync them across from the master to the new server, for databases, export from old server, import to new. then change DNS records, db connection details and registered nameservers as required if you're creating a new master, and migrating services using the migration tool, it should do everything you need regarding accounts and files/folders, then just change dns records, registered nameservers as required. it might change any cms db connection details for you, i can't remember now, it's been a while since i've used it. i didn't move databases away, as in completely remote. i had the webservers and database servers on the same lan, it's just that especially for wordpress, that extra bit of latency querying the databases over the local network was very noticeable compared to keeping the databases on the webserver and using localhost for mysql connections.
I wonder is a mix of Cluster Setup with Multi-Server Setup would do the trick? I am actually into testing this with Ubuntu 18.04 and record all the steps to create a tutorial on this. My only question is: if I manage to have this setup working, will I be able to migrate all the data from the existing Single Server Setup I have today? By the way, with a cluster setup, I would have a floating IP to access the different services in order to achieve load sharing. This is an easy one to achieve with the Load Balancer module of pfSense and I already do this today for HA Database (not ISPConfig Database): I have to servers 192.168.1.101 and 192.168.1.102 in a master-master replication config and I added both servers to pfSense load balancer with a virtual IP 192.168.1.100. All applications/services that use this point to 192.168.1.100 and are unaware of the existence of the 2 real servers.
if you mean an ispconfig cluster for the master server, and adding dedicated web/dns/db/mail servers as in the normal multi-server setup, yep, that's do-able. afaik, migrating accounts and data using the migration tool would be no different to how you would do it for any other ispconfig system. just tell the migration tool what server is the new master and what server you want any particular service ( or which particular site/database/mailbox if migrating each one individually) to be on.