NetShop ISP is an enterprise hosting provider providing High-end Infrastructure and IT services via 9+ Datacenters in Cyprus, Malta and the United Kingdom.
NetShop’s philosophy is to primarily invest in its people with constant training and training labs on every trending and community-supported open-source project which will allow our DevOps teams to help in new products/technology developments internally, as well as support our Customers who opt-in for Managed Services and Hands-on Assistance.
As per our experience with hundreds of setups we implemented for Organizations in the iGaming, Fintech, Forex, Blockchain and the Tourism industries, it has shown that the majority choose the path of Commercial Products (Software and Hardware) due to the lack of time and human resources to dedicate on Research & Development for Open-source alternatives.
Although the terms of licensing are completely understandable to me as a professional, I cannot neglect the fact that many companies, especially startups, cannot afford the costs brought by the various Licenses.
The Case Study that follows demonstrates a few of the Technologies and DevOps Tools used for an iGaming Company that required a High Network Uptime with a Disaster Recovery Option as per their Business Continuity plan. The solution has been built as a Private Cloud Infrastructure, integrated with Open-source software to facilitate various key functions.
– We have provided 2 cross-connect feeds from redundant ISPs, with 99.93% Guaranteed Uptime on each feed.
– Our choice was to proceed with PFSense and its popular CARP feature which provides high-availability cluster on each feed.
– The best solution for this setup was the use of dedicated / bare-metal servers with a local network of 10G for faster speed within our Private vLANS.
We have utilized the very popular Haproxy which provides:
– A fully customized load balancing solution with the option of adding multiple nodes per service.
– A simple first row defense against DDoS attacks with protection against TCP Syn flood attacks and slowloris attacks.
– The possibility to create ACL (Access Control List) for each sub-domain or specific path – URL with diverting traffic to specific load-balancer group of servers.
– Haproxy will also handle SSL offloading which significantly helps in reducing traffic on the front-facing web servers.
It is important to note that this configuration is replicated from the PFSense master server in real-time to the secondary PFSense through Virtual Network Interface with just 1 ping timetout.
– We have installed Ubuntu OS (https://www.ubuntu.com/) and proceeded to create an Nginx (https://www.nginx.com/) node with multiple nodes (load balancers) that will handle the web requests to the platform servers.
– The nginx configuration has been optimized accordingly, i.e. limiting the number of connections, closing slow connections and limiting the rate of requests to prevent Layer7/HTTP DDOS attacks.
– In order to take full advantage of what Node.js offers, we were able to share child processes over server cores thus creating a load balancing within the application level.
– In order to achieve maximum high availability and ensure real-time replication, we have created a group with 1(One) R/W (Read&Write) and 2 R/0 (Read/Only) using the AdminAPI.
– With the Built-in failover, the AdminAPI automatically promotes the secondary server if the primary server fails.
– For our Database servers we used Ubuntu OS (https://www.ubuntu.com/) and proceeded to install Apache Tomcat (https://tomcat.apache.org/) to power our large-scale, mission-critical web applications (the Games).
– For each particular Game Application we configured a Tomcat cluster for Load Balancing and Load Distribution to serve each Game.
– We have utilized Catalina (Servlet Container), Coyote (Http Connector) and Jasper (JSP engine) to finally power up the Games.
In such a business critical application, we understand the need to have Monitoring on critical services and be able to take preventive actions against any future threats.
– We setup an “offsite” server with Ubuntu OS and configured the Nagios Monitoring System.
– Real time monitoring for our infrastructure (Network-Server-Application monitoring) and specific services, was fully handled by the Nagios System, enhanced with custom plugins developed by our Team.
It is important to highlight that the implementation of Open-source software and technologies, still requires a serious level of expertise, in-depth knowledge, and consistency on scheduling regular Maintenance tasks.
Should anyone requires to deploy a high availability infrastructure, we recommend the following:
1. Invest time in researching, studying and experimenting each system in your own lab/testing environment.
2. Provide time for adequate alpha and beta testing prior going on production
Alternatively, our highly experienced team at NetShop ISP can lift the burden off your shoulders by taking care the setup of such highly-available infrastructure, as well as the entire maintenance so you can entirely focus on your core business.
Feel free to speak with any of our Customer service representatives to find out how your Business can benefit and utilize a highly available infrastructure in any of our Datacenters (Cyprus, Malta, UK).
© Copyright 2004-2020 S.S. NETSHOP INTERNET SERVICES LTD trading as “NetShop ISP”. All rights reserved.
29 October 2020