Build a scalable, load-balanced setup for mooSocial on DigitalOcean

1. Create Droplets on Digital Ocean

Create 4 droplets running CentOS 7 server with private networking enabled. We assume their IP addresses are as follows:

  • Droplet 1 (MySQL server), IP: 10.130.10.11
  • Droplet 2 (Redis server), IP: 10.130.10.12
  • Droplets 3 & 4 (web servers), IPs: 10.130.10.13 & 10.130.10.14

Next, manually configure the private IP on each droplet:

ifconfig -a   # get the ether (MAC) value of eth1
vi /etc/sysconfig/network-scripts/ifcfg-eth1
# then enter the values below
DEVICE="eth1"
HWADDR=e6:76:13:3b:e7:1d  # get from ifconfig -a
IPADDR=10.130.10.11       # or 10.130.10.12/13/14
BOOTPROTO=none
ONBOOT="yes"
NETMASK=255.255.0.0
NM_CONTROLLED="yes"
IPV6INIT="no"
DEFROUTE="no"
 
# After editing, press ESC, type :x, then press Enter.
# Reboot.

2. Install MariaDB Database Server

2.1 Install MariaDB on CentOS 7

sudo yum install mariadb-server
sudo systemctl start mariadb
sudo systemctl status mariadb
sudo systemctl enable mariadb
 
# After installation completes, set the root account password to yourpass.
# From the root account, create the moo account with password yourpass, then grant remote access to droplets 3 & 4.
 
CREATE USER moo@10.130.10.13;
GRANT ALL ON mooapp.* TO moo@10.130.10.13 IDENTIFIED BY 'yourpass';
 
CREATE USER moo@10.130.10.14;
GRANT ALL ON mooapp.* TO moo@10.130.10.14 IDENTIFIED BY 'yourpass';

2.2 Configuring and opening port Firewall

Note that we do not use the firewall that DigitalOcean provides in its web dashboard, because it is a very simple firewall and leaves us more exposed in a load-balanced environment.

yum install firewalld
systemctl start firewalld
systemctl enable firewalld
firewall-cmd --get-services
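# Do not add the mysql service to the whole public zone: that accepts port 3306 from every source.
# The two rich rules below allow MySQL only from the web servers (droplets 3 & 4).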
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="10.130.10.13" service name="mysql" accept' --permanent
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="10.130.10.14" service name="mysql" accept' --permanent
firewall-cmd --permanent --list-all
firewall-cmd --reload
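
Added example (not part of the original guide): a shell helper that reads the text printed by `firewall-cmd --list-all` and reports whether a service such as mysql is accepted from every source in the zone or only from rich-rule source addresses. The function names and the two sample listings are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): classify how a firewalld zone
# exposes a service, given the text printed by `firewall-cmd --list-all`.

# Services on the zone's "services:" line are accepted from every source.
zone_wide_services() {
    awk '$1 == "services:" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# Source addresses of accepting rich rules for a service; "ANY" if a rule has none.
rich_rule_sources() {
    awk -v svc="service name=\"$2\"" 'index($0, svc) && / accept/ {
        if (match($0, /source address="[^"]*"/))
            print substr($0, RSTART + 16, RLENGTH - 17)
        else
            print "ANY"
    }' "$1"
}

# Prints OPEN, "RESTRICTED sources..." or CLOSED for service $2 in listing file $1.
audit_service() {
    srcs=$(rich_rule_sources "$1" "$2" | sort -u | tr '\n' ' ')
    if zone_wide_services "$1" | grep -Fqx "$2" || echo "$srcs" | grep -qw ANY; then
        echo "OPEN"
    elif [ -n "$srcs" ]; then
        echo "RESTRICTED ${srcs% }"
    else
        echo "CLOSED"
    fi
}

# Constructed sample listings (not captured from a real host).
write_samples() {
    printf '%s\n' 'public (active)' '  interfaces: eth0 eth1' \
        '  services: dhcpv6-client mysql ssh' '  rich rules: ' \
        '    rule family="ipv4" source address="10.130.10.13" service name="mysql" accept' \
        > "$1/zone_wide.txt"
    printf '%s\n' 'public (active)' '  interfaces: eth0 eth1' \
        '  services: dhcpv6-client ssh' '  rich rules: ' \
        '    rule family="ipv4" source address="10.130.10.13" service name="mysql" accept' \
        '    rule family="ipv4" source address="10.130.10.14" service name="mysql" accept' \
        > "$1/rich_only.txt"
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in zone_wide rich_only; do
    echo "$f: $(audit_service "$tmp/$f.txt" mysql)"
done
```

On the database droplet, save the output of `firewall-cmd --zone=public --list-all` to a file and pass that file to `audit_service` with the service name `mysql`.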

2.3 MySQLTuner for increased performance and stability

https://github.com/major/MySQLTuner-perl

key_buffer_size = 25 to 30 percent of the total available memory
table_cache = max_connections x N, where N is the number of tables in a typical join

3. Install Redis Cache server (it will be the NoSQL server in the future)

sudo yum install epel-release
sudo yum install redis -y
sudo systemctl start redis.service
sudo systemctl enable redis
sudo systemctl status redis.service
 
vi /etc/redis.conf # then find and set the directives below
 
bind 10.130.10.12
requirepass yourpass
 
# press ESC, type :x, then press Enter
# restart Redis so the new bind and requirepass settings take effect
sudo systemctl restart redis.service
sudo yum install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --permanent --new-zone=redis
sudo firewall-cmd --permanent --zone=redis --add-port=6379/tcp
sudo firewall-cmd --permanent --zone=redis --add-source=10.130.10.13
sudo firewall-cmd --permanent --zone=redis --add-source=10.130.10.14
# permanent rules only become active after a reload
sudo firewall-cmd --reload
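
Added example (not part of the original guide): a shell check for the two redis.conf directives set in this step. It flags a missing or wildcard `bind`, and a `requirepass` that is missing, still the guide's `yourpass` placeholder, or short. `MIN_LEN`, the finding names and the sample files are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original guide: audit the redis.conf directives
# set above. MIN_LEN is an assumed policy threshold, not a Redis requirement.
MIN_LEN=32

# Effective value of a directive: commented lines are ignored, last one wins.
conf_value() {
    awk -v key="$2" 'tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
                     END { print val }' "$1"
}

# Prints one finding per line; prints nothing when both directives look sound.
audit_redis_conf() {
    addr=$(conf_value "$1" bind)
    pass=$(conf_value "$1" requirepass | tr -d "\"'")
    case " $addr " in
        "  ") echo "BIND_ALL" ;;                 # no bind: every interface
        *" 0.0.0.0 "*|*" * "*|*" :: "*) echo "BIND_WILDCARD" ;;
    esac
    if [ -z "$pass" ]; then
        echo "PASS_MISSING"
    elif [ "$pass" = "yourpass" ]; then
        echo "PASS_PLACEHOLDER"                  # literal value from the guide
    elif [ "${#pass}" -lt "$MIN_LEN" ]; then
        echo "PASS_SHORT"
    fi
}

# Constructed sample files (the long password is a made-up test string).
write_samples() {
    printf '%s\n' 'bind 10.130.10.12' 'requirepass yourpass' > "$1/guide.conf"
    printf '%s\n' '# bind 127.0.0.1' '# requirepass foobared' > "$1/bare.conf"
    printf '%s\n' 'bind 10.130.10.12' \
        'requirepass CONSTRUCTED-EXAMPLE-ONLY-0123456789abcdef' > "$1/hardened.conf"
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in guide bare hardened; do
    echo "$f.conf: $(audit_redis_conf "$tmp/$f.conf" | tr '\n' ' ')"
done
```

On the Redis droplet, run `audit_redis_conf /etc/redis.conf` after editing the file.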

4. Install Nginx server and PHP-FPM and GlusterFS on droplet 3 & 4

Prepare the redis-cli and MySQL client tools for testing remote access from droplets 3 & 4 to droplets 1 and 2.

4.1 Install redis-cli

wget http://download.redis.io/releases/redis-5.0.5.tar.gz
tar xvzf redis-5.0.5.tar.gz
yum install tcl gcc
# build from inside the extracted source tree
cd redis-5.0.5
make redis-cli
 
# How to check the remote connection to the Redis server
cd /root/redis-5.0.5/src
./redis-cli -h 10.130.10.12
auth yourpass
FLUSHALL
set test 1
get test

4.2 Install mysql client

yum install mysql
mysql -umoo -pyourpass -h10.130.10.11

4.3 Install Nginx server

systemctl status nginx
systemctl start nginx
systemctl enable nginx
systemctl restart nginx

Nginx Default.config Sample

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /usr/share/nginx/html/app/webroot;
    # Add index.php to the list if you are using PHP
    index index.php;
    access_log /usr/share/nginx/log/access.log;
    error_log /usr/share/nginx/log/error.log;
    server_name _;
    # ssl on;
    # ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
    # ssl_certificate_key /etc/nginx/ssl/yourkey.key;
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ \.php$ {
        # With php-fpm (or other unix sockets):
        # return 404 instead of passing a non-existent script path to PHP
        try_files $uri =404;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
    # block access to .htaccess / .htpasswd files
    location ~ /\.ht {
        deny all;
    }
}

4.4 Install PHP-FPM

sudo yum install epel-release yum-utils
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
sudo yum-config-manager --enable remi-php71
yum install php-fpm php-intl php-zip php-gd php-xml php-mysql php-mbstring php-redis php-curl php-xmlrpc php-json php-cli
 
systemctl enable php-fpm.service
systemctl start php-fpm.service
systemctl restart php-fpm.service
systemctl status php-fpm.service
 
vi /etc/php-fpm.d/www.conf
# change user = apache to user = nginx
# change group = apache to group = nginx
# change listen.owner = nobody to listen.owner = nginx
# change listen.group = nobody to listen.group = nginx
# And, lastly, change listen = 127.0.0.1:9000 to listen = /var/run/php-fpm/php-fpm.sock
 
systemctl restart php-fpm.service

4.5 Install GlusterFS

yum -y install centos-release-gluster
yum -y install glusterfs-server
service glusterd start
systemctl enable glusterd
 
vi /etc/hosts
10.130.10.13 node1.domain.com node1
10.130.10.14 node2.domain.com node2
# press ESC, type :x, then press Enter
 
# On droplet 3
gluster peer probe node2 
gluster peer status
 
# On droplet 4
gluster peer probe node1
gluster peer status
gluster volume create shareddata replica 2 transport tcp node1:/shared-folder node2:/shared-folder force
gluster volume start shareddata
gluster volume info
# On droplet 3
gluster volume start shareddata
gluster volume info
# Mount
# On droplet 3
mkdir /mnt/glusterfs
echo "node1:/shareddata    /mnt/glusterfs/  glusterfs       defaults,_netdev        0 0" >> /etc/fstab
mount -a
df -h
ln -s /mnt/glusterfs/app/webroot/uploads /usr/share/nginx/html/app/webroot
ln -s /mnt/glusterfs/app/Config/plugins /usr/share/nginx/html/app/Config
# On droplet 4
mkdir /mnt/glusterfs
echo "node2:/shareddata    /mnt/glusterfs/  glusterfs       defaults,_netdev        0 0" >> /etc/fstab
mount -a
df -h
ln -s /mnt/glusterfs/app/webroot/uploads /usr/share/nginx/html/app/webroot
ln -s /mnt/glusterfs/app/Config/plugins /usr/share/nginx/html/app/Config

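4.6 SELinux issues: denied file writes in webroot and denied remote MySQL connections

chcon -R -t httpd_sys_content_t /usr/share/nginx/html
# The next command relabels the same tree, so the whole webroot ends up
# httpd_sys_content_rw_t (writable by the web server processes)
chcon -R -t httpd_sys_content_rw_t /usr/share/nginx/html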
chcon -R -t httpd_sys_content_rw_t /usr/share/nginx/log
# For remote connect mysql
setsebool -P httpd_can_network_connect 1

4.7 Configuring firewall

sudo yum install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
# GlusterFS configuration
sudo firewall-cmd --permanent --new-zone=glusterd
sudo firewall-cmd --zone=glusterd --add-port=24007-24008/tcp --permanent
sudo firewall-cmd --zone=glusterd --add-port=24009/tcp --permanent
sudo firewall-cmd --zone=glusterd --add-service=nfs --add-service=samba --add-service=samba-client --permanent
sudo firewall-cmd --zone=glusterd --add-port=111/tcp --add-port=139/tcp --add-port=445/tcp --add-port=965/tcp --add-port=2049/tcp --add-port=38465-38469/tcp --add-port=631/tcp --add-port=111/udp --add-port=963/udp --add-port=49152-49251/tcp --permanent
sudo firewall-cmd --permanent --zone=glusterd --add-source=10.130.10.14   # on droplet 3
sudo firewall-cmd --permanent --zone=glusterd --add-source=10.130.10.13   # on droplet 4
sudo firewall-cmd --reload

How to configure STUN and TURN servers for the Video/audio chat plugin

The Audio/Video chat feature requires TURN and STUN servers to run. This article explains how to get the information to enter into the “STUN/TURN Server” field on the settings page of the chat plugin to enable the TURN and STUN servers.

1. Standard iceServers (your own TURN/STUN server)

{
  'iceServers': [{
    'urls': 'turn:114.72.208.156:3478',
    'username': 'moo',
    'credential': 'xxxxxxxxxxx'
  }, {
    'urls': 'turn:114.72.208.156:3478',
    'username': 'moo',
    'credential': 'xxxxxxxxxxx'
  }]
}

Enter the above info into the “STUN/TURN Server” field on the settings page of the chat plugin to enable the TURN server.

2. Using a TURN server from Twilio

1) How to get Sid and token?

Step 1: Go to https://www.twilio.com and register an account

Step 2: After creating an account, log in and go to this page: https://www.twilio.com/console

Step 3: Focus on “Templates” tab, find “Web Chat” and click to create a new project

Step 4: Provide project name and click “Continue”

Step 5: Click “Skip this step”

Step 6: Go to https://www.twilio.com/console/project/settings, click on “Authenticate to make changes”, then enter your account password

Step 7: In the “API Credentials” section, you can find the “Account SID” and “Auth token” under “LIVE Credentials”. Copy them and replace the sid and token in the string below with the appropriate values.

2) Setting string format

{
  'api': {
    'url': 'https://api.twilio.com/2010-04-01/Accounts/[SID]/Tokens.json',
    'sid': '[SID]',
    'token': '[token]'
  }
}

Enter the above info into the “STUN/TURN Server” field on the settings page of the chat plugin to enable the TURN server.

3. Using a TURN server from the Xirsys provider

1) How to get Sid and token?

Step 1: Go to https://xirsys.com/ and register an account

Step 2: After creating an account, log in and go to this page: https://global.xirsys.net/dashboard/services

Step 3: Click on “Services” tab, then provide your app name

Step 7: After creating an app, you will see a new layout where you can find the “API Token”. Replace the app name, username and API token in the string below with the appropriate values.

2) Setting string format

{
  'api': {
    'url': 'https://global.xirsys.net/_turn/[App Name]',
    'sid': '[login username]',
    'token': '[api token]'
  }
}

Enter the above info into the “STUN/TURN Server” field on the settings page of the chat plugin to enable the TURN server.

Please contact us if you have any questions.

How to restart chat add-on if it is not working on your site?

After your server is restarted, change the port, SSL key and cert in ChatApp.js

Step 1: Open SSH and log in with the SSH root account info

Step 2: Open pm2

Step 3: Run pm2 show ChatApp to check the ChatApp status

Step 4: If ChatApp.js is not started, run pm2 start ChatApp.js

Step 5: Otherwise, if ChatApp.js is started, run pm2 restart ChatApp

Step 6: Check the chat add-on on your site again

mooSocial Self-Hosted – Step-by-Step Guide

Please follow the main steps below to configure your mooSocial site after you finish installing mooSocial

  1. How to log in to the admin panel to configure the site
  2. Why and how to clear the cache when making changes in the admin dashboard.
  3. Do general settings such as changing the site name, site description, site keywords, default timezone, default language….
  4. Set up SMTP to send notification & invite friends email
  5. Add Google Developer Key Or Enable OpenStreetMap
  6. Change Powered by info at footer, mooSocial Logo and favicon icon
  7. Change max upload file size
  8. Enable Spam Protection with reCaptcha 
  9. Setup Facebook & Google Login button
  10. Secure your site by enabling SSL
  11. Change content of about us, site policies, terms of services.
  12. Add new page into your site
  13. Install a new language if you want to have more than 1 language. You can also purchase the “Translation tool” plugin so that you can change all texts OR translate text into other languages using this plugin.
  14. Setup email of “contact us” form
  15. Purchase and install new plugins + themes
  16. Setup Cron
  17. Manage menu
  18. Layout Manager
  19. Add Adsense Ads Widget
  20. Change color of the theme
  21. Create your own custom landing page using the magic page plugin. You need to buy the magic page plugin.

Configure these plugins if you buy them

Frequently Asked Questions