0

This is my proposed setup using OpenVZ containers (hosted on Proxmox):

CT 1: MySQL and nginx. Hosts all databases and multiple websites(domains). Used ports are 80, 443, 3306, 8080

CT 2, 3, 4: These host special servers that all listen on ports 7171 and 7172. They also connect to CT1 for their databases.

To connect to the websites, people use exampledomain1.com exampledomain2.com and so on

To connect to the servers in CTs 2, 3 and 4 people use login.exampledomain1.com:7171 and so on (once authenticated the client switches to port 7172)

MySQL listens on mysql.exampledomain9.com

So would it be best to get extra IPs for this configuration? How many would I need(maybe one per domain?)?

Dominique
  • 1

3 Answers3

0

Now you need one IP per public computer. No more. Apache can be setup to handle any number of domains on HTTP and HTTPS.

Private computers (as in backends,) if you can, set them up with local IP addresses.

With the following you can add multiple IP addresses to the same Ethernet port allowing you to create similar servers with the same port. Obviously, it also means you'll need to use the correct IP to connect to said server (i.e. 192.168.1.2 and 192.168.1.3 as shown here.)

auto eth1:0
iface eth1:0 inet static
    name Local network
    address 192.168.1.2
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
    gateway 192.168.1.254

auto eth1:1
iface eth1:1 inet static
    name Local network
    address 192.168.1.3
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
    gateway 192.168.1.254

etc.

Note: there is no real limit to the number of ports you can add now a day, although some boards may not accept more than 255 or 256 IPs and having too many may slow down your network.

Alexis Wilke
  • 2,210
  • 1
  • 20
  • 37
  • I'm not going to have a problem with three servers listening on the same ports on the same ip? – Dominique Mar 01 '14 at 16:53
  • Apache gives you a way to distinguish each HTTP connection using the domain name used to access the port. So you really only have one listen (two if you accept HTTPS) and the software automatically selects the virtual host based on the information found in the HTTP request. – Alexis Wilke Mar 01 '14 at 23:38
  • The webserver does not concern me, I'm worried about the three separate servers in CTs listening all on port 7171. I ran a test here on my local network and I cant have three local IPs(192.168.x.x) all listening on port 7171 – Dominique Mar 02 '14 at 00:42
  • On my local server I have 192.168.1.1: and 192.168.1.2: and it works as expected... ( can be 80, 53, 22, etc. -- it is not limited to Apache) Each IP has to be different and either setup on the same Ethernet board or different boards (if you have multiple Ethernet connectors). I added info on the way I use to add additional static IPs to my Ethernet connections. – Alexis Wilke Mar 08 '14 at 22:03
0

Generally speaking, you should aim to use as few IP addresses as possible.

If your application works and you only have one public IP address, it's fine.

If you need to distinguish different roles on the server, or you want to forward-plan for a segregation of roles in the future, use dns names to identify each role that the server performs.

Vasili Syrakis
  • 4,558
  • 3
  • 22
  • 30
0

Short answer: No you should not. Please read below for recommendations.

Please consider NOT having your database open via public internet. As you are using OpenVZ containers you should be able to access them via internal network. If that is possible, you should bind MySQL to listen on LAN IP. You can set this in my.cnf. With this setup you can either point mysql.domain.com to that Internal IP or skip that and use /etc/hosts file on your web server to not expose your internal configuration via public DNS.

There is little reason to have database server accessible from internet. If you cannot use internal network then I would go on setting up internal VPN between two servers. OpenVPN could be used for that and basic setup would be enough.

ek9
  • 2,093
  • 4
  • 19
  • 23