<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hey guys, I’m having a real hard time figuring out how to handle my Gluster situation for the web hosting setup I’m working on. Here’s the rundown of what I’m trying to accomplish:<div class=""><br class=""></div><div class="">- Load-balanced web nodes (2 nodes right now), each with multiple LXD containers in them (1 container per website)</div><div class="">- Gluster vols mounted into the containers (I probably need site-specific volumes, not mounting the same volume into all of them)</div><div class=""><br class=""></div><div class="">Here are 3 scenarios I’ve come up with for a replica 3 (possibly w/ arbiter):</div><div class=""><br class=""></div><div class=""><b class="">Option 1</b>. 3 Gluster nodes, one large volume, divided up into subdirs (1 for each website), mounting the respective subdirs into their containers & using ACLs & LXD’s u/g id maps (mixed feelings about security here)</div><div class=""><br class=""></div><div class=""><b class="">Option 2</b>. 3 Gluster nodes, website-specifc bricks on each, creating website-specific volumes, then mounting those respective volumes into their containers. Example:</div><div class=""><div class=""> gnode-1</div><div class=""> - /data/website1/brick1</div><div class=""> - /data/website2/brick1</div><div class=""><div class=""> gnode-2</div><div class=""> - /data/website1/brick2</div><div class=""> - /data/website2/brick2</div><div class=""><div class=""> gnode-3</div><div class=""> - /data/website1/brick3</div><div class=""> - /data/website2/brick3</div></div></div></div><div class=""><br class=""></div><div class=""><b class="">Option 3</b>. 3 Gluster nodes, every website get’s their own mini “Gluster Cluster” via LXD containers on the Gluster nodes. Example:</div><div class=""> gnode-1</div><div class=""> - gcontainer-website1</div><div class=""> - /data/brick1</div><div class=""><div class=""> - gcontainer-website2</div><div class=""> - /data/brick1</div></div><div class=""><div class=""> gnode-2</div><div class=""> - gcontainer-website1</div><div class=""> - /data/brick2</div><div class=""><div class=""> - gcontainer-website2</div><div class=""> - /data/brick2</div></div><div class=""><div class=""> gnode-3</div><div class=""> - gcontainer-website1</div><div class=""> - /data/brick3</div><div class=""><div class=""> - gcontainer-website2</div><div class=""> - /data/brick3</div></div></div><div class=""><br class=""></div><div class=""><b class=""><i class="">Where I need help:</i></b></div><div class=""><br class=""></div><div class="">- I don’t know which method is best (or if all 3 are technically possible, though I feel they are)</div><div class=""><br class=""></div><div class=""><b class=""><i class="">My concerns/frustrations:</i></b></div><div class=""><br class=""></div><div class="">- <b class="">Security</b></div><div class=""> - Option 1 - Gives me mixed feelings about putting all customers’ website files on one large volume and mounting subdirs of that volume into the LXD containers, giving the containers R/W to that sub dir using ACLs on the host. Mounting via "lxc device add” supposedly is secure itself, but I’m just not sure here.</div><div class=""><br class=""></div><div class="">- <b class="">Performance </b></div><div class=""> - Option 2 - Not sure if Gluster will suffer in any way by using it with say 50 volumes? (one for each customer website)</div><div class=""> - Option 3 - Not sure if I’m incurring any significant overhead running multiple instances of the Gluster Daemons, etc by creating an isolated Gluster cluster for every customer website. LXD itself is very lightweight, but would this be any worse than running say 50x the FOPs through a single more powerful Gluster cluster?</div><div class=""><br class=""></div><div class="">- <b class="">Networking</b></div><div class=""> - Option 3 - If all these mini Gluster clusters will be in their own containers, it seems I will have some majorly annoying networking to do. I force a couple ways to do this (and please let me know if you see alt ways):</div><div class=""> - a. Send all Gluster traffic to the Gluster nodes, then use iptables & port forwarding to send traffic to the correct container - Seems like a nightmare. I think I’d have to use different sets ports for every website’s Gluster cluster.</div><div class=""> - b. Bridge the containers to their host’s internal network and assign the containers unique IPs on the host’s network - Much more realistic, but not 100% sure I can do this atm as I’m on Digital Ocean. I know there’s private networking, but I’m not 100% sure I can assign IPs on that network as DO seems to assign the Droplets private IPs automatically. I foresee IP collisions here. If I have to move to a diff provider to do this, then so be it, but I like the SSDs :)</div><div class=""><br class=""></div><div class="">I’d appreciate help on this as I’ma bit in over my head, but extremely eager to figure this out and make it happen. I’m not 100% aware of the Security/Performance/Networking implications are for the above decisions and I need an expert so I don’t go too far off in left field.</div><div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br class="Apple-interchange-newline">Best Regards,</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br class=""></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Zach Lanich</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><i class="">Business Owner, Entrepreneur, Creative</i></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><b class=""><i class="">Owner/CTO</i></b></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">weCreate LLC</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class=""><i class=""><a href="http://www.wecreate.com" class="">www.WeCreate.com</a></i></div></div></div></div>
</div>
<br class=""></div></body></html>