Use GUI, CLI or API to run a Web App in VPC network
Purpose
Build a load balanced 3-tier web application that separates the web, application, and data tiers by placing them in separate subnetworks.
Based on Solution Tutorials - Highly Available & Scalable Web App
This document illustrates the deployment of WordPress on top of a LAMP stack (software_bundle) hosted on IBM Cloud Virtual Private Cloud (VPC). The main objective is to highlight the features of IBM VPC but at the end of this tutorial, a tested and working application environment will be deployed.
Features:
- Application
- A load balanced application - WordPress
- Using multiple databases - HyperDB
- With source/replica data replication - MySQL
- Infrastructure
- Public isolation - VPC
- Where application and data layers are deployed on separate subnets
- With separate network security groups
- Using bring-your-own-IP
Below is the IBM Virtual Private Cloud (VPC) architecture of the solution showing public isolation for both Application (through an Application Load Balancer) and data.
VPC Architecture
Assumptions and Limitations
- This document expects the reader to have a basic level of understanding of network infrastructure and application deployment on a Linux environment.
- The solution will use HTTP.
- The LAMP stack will use Nginx Web Application Server and MySQL will be deployed on a separate server.
- Fixes to issues found during the deployment of the environment have been provided. However, these fixes are as of the time of this writing and other issues may occur with new deployments or versions of the stack.
- Not shown in the architecture diagram is the use a public IP addresses in order to deploy the application. IBM VPC uses a floating IP and a Public Gateway to allow internet traffic. We will use these to access the VSIs and pull the software from public repositories. Once the images are deployed, floating IPs will be removed for improved system isolation.
- Bring-Your-Own-Image (BYOI) is not included.
- Network storage is not included.
VPC Functional Coverage
| Function | Result | Notes |
|---|---|---|
| VPC | ✅ | |
| Subnets | ✅ | |
| Private IP (BYOIP) | ✅ | |
| Virtual Server Instance (VSI) | ✅ | |
| Multiple Network Interfaces in VSI | ✅ | |
| Application Load Balancer | ✅ | |
| Floating IPv4 | ✅ | |
| Public Gateway | ✅ |
System Requirements
Operating system
| Tier | Operating system |
|---|---|
| Web Server & Application | Ubuntu 20.04 |
| Data | Ubuntu 20.04 |
Hardware
| Tier | Type | Profile |
|---|---|---|
| Web Server and Application | VSI | bx2-4x16 |
| Data | VSI | bx2-4x16 |
Documented Steps
To build this scenario we will first deploy the VPC infrastructure followed by the deployment and configuration of the application. Then, we will build and configure an HA application cluster to enable scalability of the application when higher traffic requires new nodes added to the application load balancer.
Prerequisites
The following needs to be executed before starting with the deployment:
- Have access to a public SSH key as described in SSH Keys.
- Create a new resource group called
VPC1as described in Managing resource groups - Once the
VPC1resource group has been created, update user permissions and provide the required access as described in Managing user permissions for VPC resources
Deploy VPC Infrastructure
IBM Cloud provides four methods to deploy the VPC infrastructure and three of them are documented here. The reader may follow the instructions using one of these to set up the environment for this scenario.
Install Web Application
Deploy the application once the VPC infrastructure has been deployed.
Error Scenarios
Application layer failures are included during the deployment and test of the software stack. No infrastructure failures were introduced.
Documentation Provided
Useful links for VPC documentation.
Getting started with IBM Cloud Virtual Private Cloud
Assigning role-based access to VPC resources
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent