After adding one of the two new machines to my network I am faced with the issue of the best way to expand my network. I would love feedback from some of you network admins or those more familiar with the services I’m looking at. Below is my current network setup + ideas for expansion:
Currently I run my hosting via a single machine, server1. It handles apache, php, mysql, etc + email via postfix. server2 is basically a mirror of server1 receiving a nightly rsync & mysqldump to keep the web end of things up to date in case of a crash, etc. It also has postfix configured to take over if needed but doesn’t & hasn’t handled any live traffic.
I was thinking of setting up one of these two new machines as a DNS server. From what I understand this would be the best way for me to expand my web servers (i.e., serve sites from multiple machines as need grows). I would also like to transfer email service to a dedicated machine to help spread out the load. I suppose this could be handled via DNS or basic port-forwarding, I’m not much worried about that.
My concern lies in user management. Let’s say I set up server1 & server2 to be strictly web servers. If I create a user on server1 or server2 and they go to server3 for email, how are these user accounts going to be universal? Is this through LDAP/NIS? If so would I, perhaps, dedicate a machine to DNS + LDAP/NIS? Also, do the users need to be created on the LDAP server or would the server reflect changes on each client as well?
Looks like I’m moving into some new territory with this but that’s how we all learn I guess. What suggestions does everyone have for expansion?
“I was thinking of setting up one of these two new machines as a DNS server. From what I understand this would be the best way for me to expand my web servers (i.e., serve sites from multiple machines as need grows).”
I guess I don’t really know how that would help in serving web pages. You can do round-robin with any DNS (don’t need to host it yourself) and point “www” or whatever to a couple of IP addresses – each running a web server. I think the best way would be to set up Apache with a reverse proxy and let it hand the work off to other web servers.
Also, if you have less than 20 users or so, I think LDAP is overkill (well, it’s nice, but a lot of work for that small of a group). But really, it all depends on what your setup is and what you want.
My 2 cents.
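
The Apache reverse-proxy setup suggested in the reply above could look like the following. This is an added example, not part of the thread; the server name, the balancer name `webfarm` and the backend addresses are placeholders, and it assumes Apache 2.4 with mod_proxy, mod_proxy_http, mod_proxy_balancer, mod_lbmethod_byrequests and mod_slotmem_shm loaded.

```apache
# Added example: front-end Apache handing requests to two backend web servers.
# www.example.com and the 192.0.2.x addresses are placeholders.
<VirtualHost *:80>
    ServerName www.example.com

    # Reverse proxy only. Leaving forward proxying on would turn this
    # host into an open proxy that anyone can relay traffic through.
    ProxyRequests Off

    # Pass the client's Host header through so name-based virtual hosts
    # on the backends still select the right site.
    ProxyPreserveHost On

    # Pool of backend web servers; requests are spread by request count.
    <Proxy "balancer://webfarm">
        BalancerMember "http://192.0.2.11:80"
        BalancerMember "http://192.0.2.12:80"
        ProxySet lbmethod=byrequests
    </Proxy>

    # Send everything to the pool and rewrite Location headers in
    # backend redirects so clients never see the backend addresses.
    ProxyPass        "/" "balancer://webfarm/"
    ProxyPassReverse "/" "balancer://webfarm/"
</VirtualHost>
```

With this layout the backends only need to accept HTTP from the front-end host, so their web ports can be firewalled off from the internet.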