Обсуждение:Делова Ферма

Материал из Брацка Правки
Версия от 14:59, 25 июля 2022; Gary (обсуждение | вклад) (Приёмка кластера)
Перейти к: навигация, поиск

Приёмка кластера

Подрядчик
Your HA proxmox was ready. I have tested it, and it running well.. You can do trial and testing meanwhile I am writing its documentation ... However, Not all users could access IPv6, you must have ISP ipv6 supported, modem ipv6 supported and devices ipv6 supported. ... That's why, I changed my ISP to ISP ipv6 supported. And now, I can access IPv6 and IPv4
Заказчик
To test, I am going to assign a domain name and install a HumHub instance. How would you recommend installing that? What address shall I use for the domain name? ... I didn't get what I should do in regards to your IPv6 concerns. Do you want me to create one more vSwitch and buy IPv4 for that?
Подрядчик
Currently our proxmox is running well on ipv6, I put 2 domains using ipv6. First pm1.seethisnow.site, and second wordpress403.ntbprov.go.id. ... Can you ping to both of them? ... If not, you are the owner of these all services and can't reach your own assets. So, how can we sell these services?, Meanwhile not all of our team members could access it. That means, ipv6 only for specific target, and it is not common for all users out there yet for now. FYI, wordpress currently doesn't support ipv6 yet, so you can't install wordpress to server that only using ipv6. ... to sum up, my point is our servers is ipv6 ready and everything goes well on ipv6. I just think about your market target? Did they all ipv6 supported already? If not, I think you should consider about ipv4, I know it is quite expensive. But for now, ipv4's scope area much larger than ipv6. ... If I only thinking about my self, I would say "we should use ipv6". However, I cant be like that, I believe money is easy thing to find. And my satisfaction is when I can help you to reach your goal. And last but not least, decision is yours.
Заказчик
  1. I succeeded in pinging both pm1.seethisnow.site and wordpress403.ntbprov.go.id
  2. At the moment, we plan to have HumHub, Odoo, SuiteCRM, and, possibly, Jitsi there. I purchased a separate Cloudflare service for Wordpress. We may try to install all and ask our team members whether they can access.
  3. What if we make both IPv4 and IPv6?
  4. It looks like we could save money if we purchased IPv6 only servers, couldn't we?
P.S. I asked you two questions that you didn't address --
  • How do you recommend installing our applications?
  • What address shall I use for the domain name? 2a01:4f8:fff0:53::2 ?
Подрядчик
for better experience, we can use lxc containers for each apps. If lxc container not enough, we can upgrade to vm. ... then you can decide, which apps need to using HA feature. ... If you want easier to manage, you can use one ip for each apps, and lxc container very light (because we have so many ipv6, but if you want to use ipv6 yes we can use only 1 ip address). how many users will use jitsi? ... I can make all those apps behind pfsense firewall, so only need 1 public ip to all those vms or containers, except jitsi. Jitsi better use public ip directly. ... if you want add public ipv4, please add to vswitch with public ip. so we can use ipv4 and ipv6 simultaneously
Заказчик
  1. I have researched the IPv6 topic more and decided not to add IPv4. According to Google (who else would know better?), 38% of the Internet is already IPv6. May you include a possibility of adding IPv4 to vSwitch with public IP into documentation?
  2. Starting with lxc containers for each app sounds reasonable. All of the apps need to using HA feature.
  3. I like your one-ip-for-each-app idea. So, should I do 2a01:4f8:fff0:53::2, 2a01:4f8:fff0:53::3, etc.?
  4. I cannot estimate the number of Jitsi users. There were fewer than 10 before. I guess that we can target 50 as a max for now.
  5. I am not familiar with the pfsense firewall, but am open to it. When you wrote, "so only need 1 public ip to all those vms or containers," did you mean IPv4?
Подрядчик
  1. Sure, I can include a possibility of adding IPv4 to vSwitch with public IP into documentation.
  2. All of the apps will be lxc containers using HA feature.
  3. 2a01:4f8:fff0:53::2, 2a01:4f8:fff0:53::3, etc. addresses will work.
  4. With regards to Jitsi, we can create a vm or container with 8 cpu core for maximum 50 participants. Or if you have a small groups, you can use talk from nextcloud. Or if you think, you need a video conference for student or engineer, you can use bigbluebutton.
  5. Pfsense is a firewall OS, you can using ipv4 only, ipv6 only, or both of them. I just suggest if we use ipv4, so that could help to make more efficient in using ipv4. All vps behind firewall will using a private network, or network on vSwitch with non-public IP. And all internet connection will through pfsense interface.
Заказчик
  • I added 4 AAAA records as follows -- DNS зона
  • We planned to use nextcloud, but not on this cluster and not HA for sure.
  • I haven't used BigBlueButton for years. Have they fixed their mobile access troubles?
  • Okay, let's try pfsense. It sounds promising.
Подрядчик
  • What version did you use bigbluebutton last time? It's version 2.6 now. And using ubuntu 20.04
  • Have you point domain name for your proxmox server?
  • May I know, how many employee did you have? I need this information to decide server specs for Odoo
Заказчик
  • Last time, I used BigBlueButton somewhen in 2017, if not 2016. It used Flash then and didn't work on mobile devices. I looked at their specs now and see that now it can be run on Safari and Chrome, which is an improvement. You didn't respond to my direct question whether they fixed their mobile access troubles :)
  • Besides 4 AAA records, I haven't done anything. What exactly do you want me to do? Should I assign different names to every node? every IPv4 address available? Anything else?
  • We are in startup mode yet. Let's plan for 10 employees.
Подрядчик
  • you can use following names:
    1. pm1.bskol.com A 88.99.218.172, AAAA 2a01:4f8:10a:439b::2
    2. pm2.bskol.com A 88.99.71.85, AAAA 2a01:4f8:10a:1791::2
    3. pm3.bskol.com A 94.130.8.161, AAAA 2a01:4f8:10b:cdb::2
  • and if you want, you can give a subdomain for pfsense -- pf.bskol.com AAAA 2a01:4f8:fff0:53::6
  • also, would you like to have backup server for your proxmox? if you do, I can Install proxmox backup server
  • Sorry I missed that part, now they're using html5 and nodejs. bbb support mobile browsers since they migrated to html5.
Заказчик
  1. I created A and AAAA records for pm1., pm2., and pm3., as well as AAAA for pf.bskol.com. That is funny. We (Natalia and myself) are relatively new to system administration. Someone advised us not to use our primary IP addresses in DNS, so we did so. Do you have any idea why? :)
  2. The proxmox backup server is awesome -- yes, for sure.
  3. I got your BBB point. I will discuss with Natalia how we can revisit that software.
Подрядчик
  • PM1, PM2, PM3 are using your primary ip from hetzner. ... your IP from hetzner will we use as management ip for Proxmox. ... other hosted apps will use ip from vswitch, because with this method we can do HA.
  • I think we stay with jitsi for now, I will build scale up jitsi.
Заказчик
Our IPv6 approach yet concerns me. What if we decide to expand, let say, to Pakistan? For now, each PVE instance has two addresses -- IPv4 and IPv6, but we really need only one, AAAA. May we use IPv4 addresses to point directly to our apps? To the best of my understanding, they will lack HA features, but they will still be accessible via IPv4.
Подрядчик
  • Did you mean, we are using our only one pve ipv4 address for apps?
  • If that so, that means we will disable HA feature. Why dont you say it from begining? So, I will not set up proxmox in HA mode. In HA mode, you only can use 1/3 capacity harddisk totally. So, if one server has 512GB, in HA we only can use 512GB totally. In fact, HA mode uses 3 servers, that means we able use 512GBx3 at maximum on clustering only mode.
Заказчик
I meant nothing you said; I am sorry for not being more clear. Let's try from another side. We don't really need IPv4 addresses, do we? If I delete A records, the cluster would still work, right?
Подрядчик
  • Yes, absolutely. but I never tried to separate ipv4 and ipv6 which is given by hetzner. You want to try that method? Let's do it, please point ipv4 from pm1. to jitsi site, and ipv4 from pm2 to pfsense, and all others apps point to pfsense ipv4.
  • lets try this, inform me if you have updated the records
Заказчик
I decided to do that step-by-step. For now, I have just deleted all of the "A" records. I am going to sleep now, wake up tomorrow and check. If it works, then, we will play with directing IPv4 directly to apps. What web server do you use? Nginx? Apache? Neither? Both?
Подрядчик
  • some of apps will use apache and the others will use nginx
  • actually, we only use ipv6 from begining. it's why I tried using my own domain with AAAA record only. pm1.seethisnow.site
Заказчик
Источник — «https://pravka.bskol.com/w1/index.php?title=Обсуждение:Делова_Ферма&oldid=24882»