20 Comments

  1. Luigi
    January 9, 2018 @ 9:54 pm

    This kind of balancing can be easily done with Google Cloud. Very easy to orchestrate.

    Reply

    • David H.
      January 9, 2018 @ 11:08 pm

      Do you have a link to an article covering the setup on Google Cloud? I’m always interested in any performance solutions for WordPress.

      Reply

    • Michael
      January 10, 2018 @ 3:40 pm

      Thanks for the post – and i am interested in the google as well.

      Reply

  2. Tomas R.
    January 10, 2018 @ 8:30 am

    Great article, I will try to set up, I am also interested how to make it on Google Cloud

    Reply

  3. andrew
    January 11, 2018 @ 12:59 am

    Reply

    • David H.
      January 11, 2018 @ 6:03 am

      I used to use the debops stuff quite a bit – it’s good, but there were bugs around the letsencrypt ssl and the varnish config, and I never made use of updating configs remotely using that system. There was sooo much custom config in their playbooks for me to go through (a lot of it good, but some it was causing problems and was difficult to trace) that I prefer to do it all from scratch so I have the latest code and no extra bumf, and I know exactly what is on there.

      The digital ocean scalable wordpress link you sent – they only have 1 database. I do like their use of glusterfs though, and this could be implemented in the cluster I’ve described above if you wish – it would replace the need for unison to replicate the files. Note that glusterfs would mean you’d need more servers – e.g. 1 load balancer, 3 nodes with db+web, then 3 nodes for your glusterfs. You could theoretically install it on these 3 nodes themselves. BUT, the thing I like about my cluster is that any individual node has all the info it needs to run your entire site. Here’s a guide to installing glusterfs – https://www.cyberciti.biz/faq/howto-glusterfs-replicated-high-availability-storage-volume-on-ubuntu-linux/ I’ll get a site with glusterfs up and running and get some measurements done soon.

      The Rancher/Docker link looks interesting, but the thing I don’t like about playbooks is that it gives you something else that you need to keep up to date. For example, that Rancher link is using playbooks that install PHP 5. The Nginx config is not great either. I do like docker though, and thanks for the links – it’s given me more stuff to investigate!

      Reply

  4. Prabhu Ganesh
    January 11, 2018 @ 6:54 am

    hi
    This is prabhu. i’m a web developer and i work with wordpress. this article about setting up a wordpress cluster for huge sites is really a useful information for everyone. Thanku so much

    Reply

  5. Michel J.
    January 14, 2018 @ 2:05 pm

    Hello Dave,

    Nice blog to read, but you are missing some essential things to get the whole tutorial working (please follow you own tutorial from beginning to end). You also write about 3 nodes in the beginning but you’ll need 4 nodes (loadbalancer) later on. The loadbalancer is your biggest bottleneck here……what if your loadbalancer goes down for any reason? If money ain’t a problem then I would prefer a backup load balancer. then 5 nodes in total is the way to go! Do you also thought about a clustercheck?

    Regards,

    Michel

    Reply

    • David H.
      January 15, 2018 @ 3:39 pm

      Hi Michel – the guide has been updated to note that 4 nodes are used, although if you’re worried about this you can use the Digital Ocean load balancer feature they provide.

      I’ve also updated the guide to replace Unison with GlusterFS which gives instant file replication and eliminates the need to activate plugins at node 1. Now you can do whatever you like on any node and it will replicate properly.

      If your load balancer goes down, firstly it’s an incredibly simple server, so I don’t agree it’s your bottleneck here – all it’s doing is decrypting SSL and proxying traffic through to the other nodes. Secondly, it’s easy to rebuild – takes about 5 minutes.

      Reply

  6. Michel J.
    January 15, 2018 @ 5:12 pm

    Hello Dave,

    thanks for the heads up. I am also working with GlusterFS so we are on the same boat here 🙂

    I know the rebuild of the LB isn’t that difficult and takes aprox 5 minutes. But in my case I am running a very big website which I can’t afford downtime on. Although it’s a simple process, but If my website goes offline overnights (okay I also can ad some monitoring software with SMS or whatever alarms we can think of) I’ve got a problem I don’t want to. Then it’s better to go with en failover loadbalancer. Once again money shouldn’t be the issue with this kind of setup.

    Regards,

    Michel

    Reply

    • Michel J.
      January 15, 2018 @ 5:34 pm

      Btw, perhaps for everyone here following this interesting blog it’s good know which servers and configuration you need.

      My setup is:

      LOADBALANCER 1 (2GB Droplet): LB + Keepalived daemon (NGINX)
      LOADBALANCER 2 (2GB Droplet): LB + Keepalived daemon (NGINX) (Failover)
      NODE 1 (8GB Droplet): Webserver 01 + DB (NGINX + PERCONADB + PHP-FPM 7.1)
      NODE 2 (8GB Droplet): Webserver 02 + DB (NGINX + PERCONADB + PHP-FPM 7.1)
      NODE 3 (8GB Droplet): Webserver 03 + DB (NGINX + PERCONADB + PHP-FPM 7.1)

      Regards,

      Michel

      PS.

      Perhaps it’s even fancier to setup separate caching servers with Memcached or Redis. One server could be used to offload PHP session and the second server could be handled by WordPress.

      Reply

      • David H.
        January 18, 2018 @ 4:49 pm

        There’s no real requirement for servers, other than what I specified. Ubuntu 16.04, although Debian will probably work with the above commands. Other than that, make sure it has some decent amount of RAM, 2GB minimum, the more the merrier, and SSD disks, but these are not really requirements, just nice-to-haves.

        I’ve built these with with as low spec as 3x2GB RAM + 1x1GB RAM (loadbalancer), and as high as 4x8GB RAM + 1x2GB RAM (load balancer) + some other variations of these sizes. There’s no limit to the number of nodes you can have – e.g. you could go 10x32GB RAM if you so wish, and you can also use any load balancer you like, e.g. you could use the digital ocean load balancer.

        And yes, you can set up separate elements in your cluster, like a cluster of redis or memcached servers. The way the Nginx config for the load balancer is set up above, each user will stick to the same node (stickied by IP address) unless that node goes down. Each nginx server in the above config is running its own page cache using fastcgi_cache which is as fast as varnish. That works for logged out users only and switches off when key wordpress things happen, e.g. comments, or add to basket or similar.

        Reply

  7. Jeff
    January 19, 2018 @ 3:33 pm

    Hey Dave,

    I am having problems with Issuing the SSL certificate on the Load Balancer.

    When I try to issue the SSL, certbot gives me the following error:

    ////

    Failed authorization procedure. http://www.yet-another-domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.yet-another-domain.com/.well-known/acme-challenge/9KuNEVFp7MWWUcl4D_iqvyod7a3waFKA8VpNDsD8HH0: ”
    <html xmlns="http:", yet-another-domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://yet-another-domain.com/.well-known/acme-challenge/4QZAR_4OJ-c9gSB8Fxo-eMq0Uj8N5V_JsV9cl2Re3Xo: "
    <html xmlns="http:"

    IMPORTANT NOTES:
    – The following errors were reported by the server:

    Domain: http://www.yet-another-domain.com
    Type: unauthorized
    Detail: Invalid response from
    http://www.yet-another-domain.com/.well-known/acme-challenge/9KuNEVFp7MWWUcl4D_iqvyod7a3waFKA8VpNDsD8HH0:
    "
    <html xmlns="http:"

    Domain: yet-another-domain.com
    Type: unauthorized
    Detail: Invalid response from
    http://yet-another-domain.com/.well-known/acme-challenge/4QZAR_4OJ-c9gSB8Fxo-eMq0Uj8N5V_JsV9cl2Re3Xo:
    "
    <html xmlns="http:"

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

    ////

    My A record is set, and CNAME for www, but the host doesn't provide an ipv6 address. But I've used certbot at other times no problem issuing certs for sites.

    Difference is the im trying to issue it on the loadbalancer, never done with certonly to webroot path before. Are there any special permissions, or is that the full configuration needed for the Load balancer above? Or does it require extra settings on the nodes? I used a stripped down regular nginx configuration for the nodes, since I am not using fastcgi_caching, but I did include the ACME stuff in the server block.

    Thanks for any help or pointers you can give.

    Jeff

    Reply

    • David H.
      January 19, 2018 @ 9:01 pm

      Did you install the full file from the page above onto your loadbalancer? Importantly, you need the rule to allow the .well-known files.

      Config above works and is full config for load balancer – i’ve set up a bunch of them. It’ll be the ACME stuff that’s failing – the ACME stuff needs to be on your LOAD BALANCER, not on the nodes.

      Reply

      • Jeff
        January 20, 2018 @ 6:13 am

        Hey David, thanks for the help. Yeah i am absolutely sure it is working, I am trying to adapt it for my workflow, so stripped it back and will re-add your fastcgi_caching and security stuff as I go.

        It’s all good stuff.

        One thing I did note, on the load balancer, I needed to delete the default symlink from the etc/nginx/sites-enabled folder.

        I also had to delete the inverted commas from:
        wsrep_sst_auth=”sstuser:password”
        to:
        wsrep_sst_auth=sstuser:password

        The full file for the load balancer ‘/etc/nginx/conf.d/loadbalancer.conf’ above was up on the load balancer.

        So in the tutorial, all the files from your github ‘https://github.com/dhilditch/wordpress-cluster /root/wordpress-cluster/’ nginx file should be on the load balancer aswell, crucially, the acme stuff?

        I will get to that.

        Nice one!

        Reply

        • David H.
          January 20, 2018 @ 7:55 am

          No I didn’t mean you needed to install the file from github on the loadbalancer. Maybe it’d be easier if I put a copy of the file for the loadbalancer on github, but I just mean the loadbalancer.conf text above.

          There’s a comment in the text above that says: # this block is for letsencrypt.

          Reply

        • David H.
          January 20, 2018 @ 9:10 am

          Maybe it’s because you deleted the default symlink – not sure why you needed to delete that on the loadbalancer?

          Reply

        • Jeff
          January 20, 2018 @ 9:16 am

          I didn’t actually get it working using the webroot/ACME method – I will do later though I am sure.

          Instead, for now, I just created a virtual host on the loadbalancer for my domain, and then used certbot –nginx plugin.

          There is a bit of an issue at the moment with certbot –nginx plugin:
          https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983

          So need to use:
          sudo certbot –authenticator standalone –installer nginx -d -d –pre-hook “service nginx stop” –post-hook “service nginx start”

          But this all worked.

          Also with the clusterwpadmin and clusternodes, redirecting admin access to 9443:

          This:
          define( ‘FORCE_SSL_ADMIN’, true );
          if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false) {
          $_SERVER[‘HTTPS’]=’on’;
          }

          needed to be above this:
          /** Sets up WordPress vars and included files. */
          require_once( ABSPATH . ‘wp-settings.php’ );

          That had me for a while.

          This is all really great. Like I say, I am going through your Nginx configuration, lots to learn from there regarding optimizing an Nginx stack, this is all very much appreciated Dave.

          I’d definitely like to buy you a beer if you have any such a button?

          Jeff

          Reply

          • David H.
            January 20, 2018 @ 10:25 am

            Thanks Jeff – I’ve added a tip button to the sidebar for you 🙂

          • Jeff
            January 20, 2018 @ 1:04 pm

            Tipped, thanks again mate.

Leave a Reply

Your email address will not be published. Required fields are marked *