5.3. "Fake" Hardware LayoutWhat we want is three machines that will serve one purpose each. One machine (web1) will run Apache and be the only Internet facing piece of hardware (and should go in a DMZ as shown in Figure 5.1). The next machine (app1) will run Mongrel and service Rails requests to Apache. The last machine (db1) will run MySQL to maintain the database. Figure 5.1. Sample Network ConfigurationIn reality you'll probably have to test this configuration and mix it up a bit. You might need a couple of Mongrel machines or you might be able to use just one machine for everything. For education purposes, though, we'll just stick with this as if it were real. Additionally, you'll want to avoid configuring a firewall setup like in Figure 5.1 until you have a fully functioning and tested deployment and you know its performance. Firewalls are great for security, but when you're first setting up a deployment, they can complicate things unnecessarily. We've seen many deployments go wrong because of poorly configured firewalls, and knowing that the configuration worked before adding the firewalls is a big help. Reduce lurking variables (http://en.wikipedia.org/wiki/Lurking_variable) so you can focus on problems in isolation. |