Hello,

I run a website running XenForo, 2 different Wordpress installations, a Wikimedia installation, and the forum alone starting to approach 400 active users every day during peak hours. This runs on a single 4GB package, and now, we're starting to see almost 400% CPU and 3.25GiB RAM being used up. I think it's time for an upgrade.

My question is relatively complicated.

I am interested, for personal experimentation's sake, in expanding laterally. While an 8GB server would definitely resolve the issue, I'm more interested in buying a second 4GB server. This is because, at 8GB, the # of cores lower than the GB size of the package, meaning the cost effectiveness of the CPU is less than multiple boxes. I would like to put the MySQL database that runs all applications on a single box, and then buy a second 4GB linode. If that one becomes peaked too even without running MySQL, I'd then buy a 3rd 4GB linode and utilize load balancer.


My questions are:
1) Is this the way to go, or am I being silly?
2) If I buy my 2nd server at the same datacenter, is this a latency issue? Can I use internal IPs?

So you want to go from one point of failure to several points of failure.

You want to go from one box to Admin to several boxes to Admin.

You want to go from your current set of attack vectors to multiples of that set of attack vectors.

All because .....?

I'd vote (at least for now) "you're being silly".

Of course if you continue to grow, the single box option might no longer be on the table.

If you want to experiment/learn about running distributed web services - setup a local box with VirtualBox and learn the easy way in your own free secure virtual sandbox. Then you'll have the know how to move it to the real world if you outgrow the single box solution.

YMMV

_________________
Either provide enough details for people to help, or sit back and listen to the crickets chirp.
Security thru obscurity is a myth - and really really annoying.

Isn't that the point? You can take one box down and run maintenance on that without a hitch.


That doesn't seem like that big of a deal.


How can my MySQL DB be attacked if the firewall is set to ignore non-local connections? The entire point is to isolate the DB and run scripts on boxes that can be broken down, cloned, and updated en masse repeatedly.

In a split DB & Web system, if EITHER box is down, your websites are not working.

Each box you add to your Admin list is just one more hassle, one more to keep updated, one more to test, one more to document, one more ...

As long as you never remove that isolation to test, or via a typo, or via just plain carelessness, or... or... or...

But whatever - try out the multi-box scenario and see how it works out for you - you can always change back.

Personally, simplicity works best for me. Less hassles, less work, less worries. I only grow more complex when there is no other simple solution.

_________________
Either provide enough details for people to help, or sit back and listen to the crickets chirp.
Security thru obscurity is a myth - and really really annoying.

When I was originally migrating to Linode, we had our MySQL server and Apache server on a single big box. We had some pretty bad performance issues with that server; it seemed as it the httpd processes and mysql were fighting for the CPU and slowing everything to a crawl under heavy load. When I put MySQL on a separate, smaller box, it helped performance immensely in terms of request throughput. I used Puppet to provision both servers, so the software installed was the exact same. Not sure why having separate boxes helped so much, but I'm guessing it had to do with IO contention causing processes to spend a lot of time in an iowait state.

Are you on one of the newer boxes (after Linode's move to SSDs and newer CPUs), or still on a pre-upgrade box? If you're still on one of the older boxes, then the free upgrade could get you a lot more breathing room. If you're on one of the newer ones, then that's not going to be a great help

Ignore vonskippy, he's the resident curmudgeon. Splitting your webservice and database are the natural first step when increasing capacity. It's the logical first step in expanding horizontally, and it's the easiest one too. Once you've got your database on its own 4GB box, don't forget to tweak MySQL's settings to take advantage of the RAM. You can start with the biggest sample file that MySQL ships with (my-huge.cnf, meant for servers with 1-2GB of RAM that mostly just run MySQL), and then you can use mysqltuner to help tweak it from there.

Note that you need to let the MySQL server gather statistics before running mysqltuner. The idea is that you let your database server run with real load on it for 24 hours or more, and then you run mysqltuner, which will look at the statistics the server has gathered and suggest changes to your config file based on your workload.

Thanks for the input guys. I just wanted to say that expanding laterally was a really great idea and it's been fun playing with the configuration. I've learned a lot about static networking in the process.

To give an overview:

I have 3 servers.
Alpha is designated by the MySQL server and is a 4GB Linode.
Beta is a "vulnerable process" server and is a 1GB Linode.
Charlie is the new Script image server and is a 4GB Linode.

Alpha was the original box and had literally everything tucked into it. The only way to continue improving performance with more load is to buy a bigger Linode. Alpha has been re-designated to dynamic storage, and has memcached and MySQL loaded onto it.

When my website was DDoS attacked, I read up on network security to protect my website from an identification attack. Already behind cloudflare, I made sure that the attackers were forced to go through their service so that I could manage it more easily. Beta was born out of this necessity, as I offloaded IP-vulnerable services like email and teamspeak to it. If the attackers chose to take down Beta, I don't have to care because it's not something uber critical to services. Also, since Beta is not a web server, application level attacks are much harder to pull off by novices.

This month, we experienced a huge spike in traffic that burdened an already growing number of daily users. The website slowed to the crawl, and my incredibly generous MySQL configuration ended up crashing the database multiple times at peak hours as it overconsumed RAM. I decided that I wanted to free up memory by moving Apache to its own box, which is why I now have Charlie. Charlie interacts with Alpha and Beta, and is set up so that no service is dependent on it.

Having Charlie be the dependent server with nothing requiring it to exist is super important. As long as Charlie remains a middle-man that Alpha and Beta don't need, I can then go on to set up Delta and Epsilon, also on cheap 4GB Linodes, using mirror images of Charlie. If Alpha or Beta need an upgrade, I'll probably just bump up the Linode to 8GB/2GB respectively, since RAM is the most critical aspect to each, not CPU like it is with Apache services. Since CPUs become less cost-effective on Linode after 4GB, this makes the most sense to me.


Just wanted to spout off on web stuff. Thanks for the input.