AWS LEMP Stacks and EFS Issues
Lesson learned — if you are using EFS on production systems you want to be using provisioned throughput mode.
But, before we get into that, let’s go over the details of this implementation…
Service Configuration
We utilize AWS EC2 instances to run multiple WordPress sites hosted in different directories. The configuration is fairly standard: 2+ servers configured as part of an load-balanced cluster. The servers run from the same image meaning they use the same underlying software stack.
Part of that image includes a mounted EFS (Elastic File Storage) directory , used to share WordPress resources between all nodes in the cluster. The original architecture was designed to host not only the typically-shared wp-content/uploads folder of WordPress via this EFS mount but also the code. The thought was that sharing the code in this way would allow a system admin to easily update WordPress core, plugins, or themes from the typical wp-admin web login. Any code updates would immediately be reflected across all nodes.
EFS Web App Code Hosting – A Bad Idea
Turns out this is a bad idea for a few reasons. First of all, EFS volumes are mounted using the NFS4 (network file storage) protocol — this defines how the operating system handles file read/write operations for a network mounted drive. While NFS4 is fairly robust, the throughput of ANY network drive, even on a high speed AWS data center backbone, is much slower than a local drive such as an EBS volume.
That means that even on a good day every PHP file, JavaScript file, or anything else needed to serve up that WordPress web page are going to be a bit slower than normal.
However, the bigger problem comes to light if you happen to choose the default, and pushed as “the mode to use” by Amazon, EFS throughput mode known as “Burst mode”.
Internet Enabled Voting For US Elections
Internet enabled voting is a must IMO. Many that are afraid of the security risks and remote hacking have a very shallow, if any, understanding of the risks involved.
To claim physical (paper) voting is more secure is absurd. Every country that has used that system, including ours, has encountered fraud in some form.
Maybe this is the perfect catalyst for getting our Internet providers to finally enable IPV6. It would make external attacks a couple orders of magnitude more difficult. Not too mention providing direct 1:1 accountability to track every single device used to vote.
Internet Enabled Voting For US Elections
apple.news/A2hlUbDHwRjifTbSwv6fOZQ
Internet enabled voting is a must IMO. Many that are afraid of the security risks and remote hacking have a very shallow, if any, understanding of the risks involved.
To claim physical (paper) voting is more secure is absurd. Every country that has used that system, including ours, has encountered fraud in some form.
Maybe this is the perfect catalyst for getting our Internet providers to finally enable IPV6. It would make external attacks a couple orders of magnitude more difficult. Not too mention providing direct 1:1 accountability to track every single device used to vote.
Converting A Standalone Instance Into An EC2 Load Balanced Cluster
Creating a new web application that resides on an AWS load balanced cluster is easy with the Elastic Beanstalk assistant. That is a great solution if you want to run every web service or application on their own instances. It is not a great fit for complex environments like the one being used for Store Locator Plus®.
Store Locator Plus® has several environments running within the same master domain. Multiple servers and load balancers creates a security certificate nightmare. Not too mention it starts racking up EC2 server fees quickly if they each became their own cluster. The better option is to retain a server instance that allows us to run our SaaS offering, our buy-and-own plugin store, our documentation site, and our demo site from a single disk image. We want to setup a full EC2 Load Balanced Cluster to gain the benefits of horizontal scaling on a server hosting multiple domains and web apps.
While this is easy to do with a single EC2 instance that hosts multiple host names for the storelocatorplus.com domain, making it scalable under load is the trick. It turns out Elastic Beanstalk is not a good fit. Instead we need to build a load balanced cluster “from scratch”. We’ll need to combine a machine image from a running server with a Launch Template. We will need an Application Load Balancer that will have instances attached and detached automatically from an Auto Scaling Group that we will also create.
Our environment also has a configured EC2 instance to run the web application stacks, mostly WordPress, locally on an EBS volume that uses an Amazon Aurora MySQL RDS database in multiple zones for performance and reliability. These two features make it easy to replicate the disk image for the software portion and maintain a persistent DB store across all instances.
Read MoreCloning A VVV 2.6 Install
Decided to upgrade my long-term VVV setup that I use for daily client consulting work in preparation for a new gig as head of R&D and CTO for a super cool tech startup. As usual I should have left things alone as it was working fine; I only wanted to play with the newer VVV toys. You’d think I’d learn by now.
What I ended up doing was cloning a working baseline VVV install I had created a few weeks ago for the WordPress Plugin Development class I’ve been teaching at The Blockyard this year as part of the CodeBlock initiative.
Turns out this will be super useful for those nights when we have a dozen students all trying to initialize a new VVV install and we don’t have the bandwidth for 12 simultaneous 500MB box image downloads.
Here are the notes for a MacOS install. Windows will be slightly different but the same concepts apply.
Read More