Results 1 to 16 of 16
  1. #1
    MichaelCorfman's Avatar
    MichaelCorfman is offline GPWA Executive Director
    Join Date
    June 2004
    Location
    Newton, MA
    Posts
    4,161
    Thanks
    858
    Thanked 5,321 Times in 1,717 Posts

    Lightbulb New GPWA database and forum servers being deployed

    I had announced some time ago that we had ordered several new servers to support the GPWA website. We are currently planning to perform the migration to the new hardware beginning at 8am EST tomorrow morning, Monday, 26 January 2015. The forums will be down during the migration, but the rest of the site will remain operational. If everything proceeds smoothly, the migration should take less than an hour.

    The new hardware includes a replacement MySQL database server to power the GPWA forum. The current MySQL server used by the GPWA website has 4GB of memory with an Intel Xeon E5430 processor. The new server uses the more powerful E5-2650 v2 processor and has an initial configuration of 16GB of memory. You can see a comparison of the two processors here:

    cpuboss.com/cpus/Intel-Xeon-E5430-vs-Intel-Xeon-E5-2650-v2

    We are also migrating the forum and the rest of the GPWA website to a pair of load-balanced web servers, to improve performance, to avoid temporary disruptions for activities like the rebooting of servers, and to improve resilience to hardware failures.

    Hopefully the new hardware will translate into our members experiencing a better performing GPWA website.

    In addition to providing better performance, we are also migrating to the new servers to deal with a recent hacking of the GPWA web server. Since the current server has been compromised, we decided the safest approach was to promptly move the site to the new server, which is one where we have paid special attention to further reducing vulnerabilities. The specific instance of recent hacking to which I refer is documented in the following thread that was started six days ago: GPWA is hacked!!!


    Michael
    GPWA Executive Director, Casino City CEO, Friend to the Village Idiot

    Resources for Affiliates: iGamingDirectory.com, iGamingAffiliatePrograms.com, GamingMeets.com

  2. The Following 6 Users Say Thank You to MichaelCorfman For This Useful Post:

    BettingGods (28 January 2015), elgoog (25 January 2015), Gamer (26 January 2015), Moonlight Cat (25 January 2015), Roulette Zeitung (26 January 2015)

  3. #2
    Gamer's Avatar
    Gamer is offline Public Member
    Join Date
    August 2014
    Posts
    438
    Thanks
    78
    Thanked 198 Times in 132 Posts

    Default

    Omg.... 16GB of memory.... wow! GPWA rocks!
    Good Luck with the migration and to attract more platinum sponsors!

  4. #3
    Roulette Zeitung is offline Public Member
    Join Date
    July 2012
    Location
    Germany
    Posts
    4,446
    Blog Entries
    5
    Thanks
    6,015
    Thanked 6,765 Times in 2,978 Posts

    Default

    "Good Luck with the migration and to attract more platinum sponsors!"

    The best would be to protect to good of the existing ones instead of more.

    Not every year must end under any circumstances with a higher profit. I know, that is the American system, but deep in our heart we still have a social aptitude, and not every sponsor who is leaving the stage, shall be replaced by another one.

    Sometimes less is more

    Leopold

  5. The Following User Says Thank You to Roulette Zeitung For This Useful Post:

    BettingGods (28 January 2015)

  6. #4
    MichaelCorfman's Avatar
    MichaelCorfman is offline GPWA Executive Director
    Join Date
    June 2004
    Location
    Newton, MA
    Posts
    4,161
    Thanks
    858
    Thanked 5,321 Times in 1,717 Posts

    Default

    The migration to the new servers was completed a few moments ago. Hopefully the site will be a little zippier now.

    We tried to do a good job of testing, but migrations do sometime introduce issues that need to be resolved. If anyone encounters any issues using the site, please let us know so we can investigate.

    Michael
    GPWA Executive Director, Casino City CEO, Friend to the Village Idiot

    Resources for Affiliates: iGamingDirectory.com, iGamingAffiliatePrograms.com, GamingMeets.com

  7. The Following 3 Users Say Thank You to MichaelCorfman For This Useful Post:

    CCJ (26 January 2015), Maria F (28 January 2015), TheGooner (26 January 2015)

  8. #5
    Pmig is offline Private Member
    Join Date
    August 2012
    Posts
    178
    Thanks
    43
    Thanked 77 Times in 54 Posts

    Default

    16Gb of ram is "reasonable" but I cant understand why is needed a load balancer here.

    Maybe if you switch fromMicrosoft-IIS/8.5 to a *nix destribution and use nginx and/or varnish you dont need that headache/cost.
    This is also true about your PHP version who is outdated and slow. (PHP/5.4.24), You should consider move that to 5.5 or 5.6 who have a lot of performance impovements.

    At terms of CPU cost you could have opted in for a E3-1245 V2, its fairly similar and is almost a third of the price ( http://cpuboss.com/cpus/Intel-Xeon-E...Xeon-E3-1245V2 ).

    But well, good job.

  9. #6
    TheGooner's Avatar
    TheGooner is offline Private Member
    Join Date
    March 2007
    Location
    New Zealand
    Posts
    4,245
    Thanks
    1,939
    Thanked 4,195 Times in 1,997 Posts

    Default

    Quote Originally Posted by MichaelCorfman View Post
    The migration to the new servers was completed a few moments ago.
    Well done Michael - always a nervous time to be down - but it was painless ... I didn't notice a thing!

  10. #7
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,642
    Thanks
    2,110
    Thanked 7,834 Times in 4,940 Posts

    Default

    Using any NIX installation on a single server would still allow for a single point of failure whereas any load balanced solution would not!

    Looks as if the migration went smooth, but I was fairly confident as I had been doing some testing.

    Rick
    Universal4

  11. #8
    Pmig is offline Private Member
    Join Date
    August 2012
    Posts
    178
    Thanks
    43
    Thanked 77 Times in 54 Posts

    Default

    You can have a linux cluster without a load balancer But well It's your decision, is not right or wrong. I'm just saying I do things on a diferent way, with same security and less costs.

  12. #9
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,642
    Thanks
    2,110
    Thanked 7,834 Times in 4,940 Posts

    Default

    You can cluster windows without a load balancer also, but that isn't really the point.

    A load balanced solution is very robust and allows for very granular port mapping and natting, through the load balancing devices.

    I am a strong advocate of web servers doing ONE thing, serving websites and nothing else. Not mail, not sql, not nat nothing else when at all possible.

    What this does is basically (in general terms) only pass port 80 and ssl traffic to the web servers, while monitoring which if both (or more) web servers are up and distributing the traffic to multiple web servers, and ONLY passing web traffic to them and nothing else.

    Sure you could do that with nix installs, but that would mean the natting would take place on the web servers, in the above scenario the web servers handle ONLY web traffic) or you would have to have a cluster of nix boxes in front of the webs to do the natting and splitting up of the traffic to the nodes behind it. (also the nix boxes would have to run load balancing software)

    In almost all cases the single function load balancers will be running a linux kernal and will take care of all packet inspection and dostribute the traffic (Only using the ports allowed by the admins) to the nodes behind it.

    Now I am personally a fan of Load Masters from Kemp Technologies, although I do not know if Michael is using those or maybe the Baracuda equipment or other.

    Once load balancers are set up and configured properly, you could in essence unplug or shut down one of the servers and the load balancer would detect it was down and then send 100% of the firewalled (using that temr loosely) traffic to the remaining web server. Thus, in cases like Michael stated earlier, if either server is rebooted or suffers a hardware failure, the other server is already serving the traffic.

    Before you ask if the load balancers can be a single point of failure, yes they can, but if you have a pair in high availability mode then they run in tandom in a master slave setup so if one fails the other takes over.

    Normally in the situations described above, the only single point of failure for webs is the public switch. (the switch that handles and distributes public traffic between the upstream router or provider's switch and the servers, load masters and other devices that need public traffic)

    In the scenario above, web servers do not have public ip's bound to them and are not exposed directly to the public as all traffic must pass through the load balancer first before reaching a web server. (at least any load balancers I have looked at all do nat)

    I understand my post went pretty far into the tech side, and I did try and use more general terms a little while staying fairly accurate but I think it helps show how robust of a solution Michael and his team have put into place and in the long term I think they will see even the attacks will subside to a degree since only the front end devices will see the port scans etc and only traffic they define will be getting through which will make monitoring invalid logon attempts etc easier to track.

    I do not know the exact topology of what Michael has designed, but I hope the details I posted were accurate enough and may help some understand a little more about how load balancing works, and how these kinds of solutions help the long term high availability.

    Rick
    Universal4

  13. The Following User Says Thank You to universal4 For This Useful Post:

    -Shay- (27 January 2015)

  14. #10
    Pmig is offline Private Member
    Join Date
    August 2012
    Posts
    178
    Thanks
    43
    Thanked 77 Times in 54 Posts

    Default

    No problem at all with tech side

    If you like the single responsability services (as I do) (not only single responsability server but also on sevice levels) you can abstract/virtualize with docker https://www.docker.com/ .

    Take a look at https://coreos.com/ or http://www.projectatomic.io/

    This is how "big boys" do things on now days. The load balancer solution is a little obsolete, is expensive to scale and as you describe appear the main job there is firewall"ish" behaviour.

  15. #11
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,642
    Thanks
    2,110
    Thanked 7,834 Times in 4,940 Posts

    Default

    I have not looked at those you mention.

    I am (here and there with limited time resources) looking for a bare metal type of virtual environment.

    I have looked closely and seriously considered proxmox, but have not finalized an opinion.

    In my opinion, large scalable solutions usually need something on the front end for nat and traffic distribution, and a solid LB is a great choice.

    By the way, I do not put dns or mail behind these, only the webs.

    Rick
    Universal4

  16. #12
    MichaelCorfman's Avatar
    MichaelCorfman is offline GPWA Executive Director
    Join Date
    June 2004
    Location
    Newton, MA
    Posts
    4,161
    Thanks
    858
    Thanked 5,321 Times in 1,717 Posts

    Default

    I described the general functioning of our configuration using load balancers for redundancy some time ago when it was first implemented to support the GPWA seal program. You can see that description in the following thread:

    New Fault-Tolerant GPWA Seal Service.

    Michael
    GPWA Executive Director, Casino City CEO, Friend to the Village Idiot

    Resources for Affiliates: iGamingDirectory.com, iGamingAffiliatePrograms.com, GamingMeets.com

  17. The Following 2 Users Say Thank You to MichaelCorfman For This Useful Post:

    Pmig (27 January 2015), universal4 (27 January 2015)

  18. #13
    Pmig is offline Private Member
    Join Date
    August 2012
    Posts
    178
    Thanks
    43
    Thanked 77 Times in 54 Posts

    Default

    Quote Originally Posted by universal4 View Post
    I have not looked at those you mention.

    I am (here and there with limited time resources) looking for a bare metal type of virtual environment.

    I have looked closely and seriously considered proxmox, but have not finalized an opinion.

    In my opinion, large scalable solutions usually need something on the front end for nat and traffic distribution, and a solid LB is a great choice.

    By the way, I do not put dns or mail behind these, only the webs.

    Rick
    Universal4
    I use proxmox a couple of years ago, was not bad but on now days there is better ways to deploy vm's.

    Take a serious look at docker, is fair better than openvz (proxmox) aproach. Docker permits to have several OS's on same install (even several versions of same OS).

    With proxmox everytime you want to deploy a new vm you have to install the full OS wasting machine resources, with docker you share the core, so you can have 100's of, lets say, centos with only one centos instalation.

  19. The Following User Says Thank You to Pmig For This Useful Post:

    universal4 (27 January 2015)

  20. #14
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,642
    Thanks
    2,110
    Thanked 7,834 Times in 4,940 Posts

    Default

    Thanks, that is a good point, although I do not mind fresh installs too much.

    I will be, predominantly at least, be running virtual windows servers as well as possibly an install or two of windows 7 and likely one install of windows xp. (specific application need)

    Rick
    Universal4

  21. #15
    Pmig is offline Private Member
    Join Date
    August 2012
    Posts
    178
    Thanks
    43
    Thanked 77 Times in 54 Posts

    Default

    On your case as you will virtualize windows docker is not the solution, so sticking with proxmox and KVM's I think its the better free way to go.

  22. #16
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    27,642
    Thanks
    2,110
    Thanked 7,834 Times in 4,940 Posts

    Default

    Thanks for the link to the topology you had posted previously, I had forgotten about that.

    It reminded me of the fact that one of these days I wanna sit down and pick Alan's brain on a few questions I have about that setup.

    Maybe I should pop in and do so in person since I would understand it better....I could possibly plan a visit one of my trips to PA.....but I have no intention of doing that while that silly white stuff is falling from the sky....last time I was involved in that I was sick in bed for two weeks....lol (looks to be about a 5 hour drive)

    Rick
    Universal4

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •