Two domain names are required to provide a better UX for end-users.
- ERP domain name (for main site, links to the Load Balancer)
- DAV domain name (for CDN and filesystem, links to Apache)
These domains would be linked to access points on the system via a static public IP.
A load balancer is required to filter user queries using roundrobin
. recommended specs for a soft load blancer are:
- Ubuntu 14.04.3 LTS (or any newer LTS)
- HAProxy 1.6.1 (or newer)
If a hardware based load balancer is available, then that would be recommended.
This load balancer then forwards queries to multiple nodes (for start, a single node is required).
Computation node would host the application and framework. It requires the following features:
- Ubuntu 14.04.3 LTS (or any newer LTS)
- Apache 2.4.17 (or newer)
- PHP 5.6.12 (would be upgraded to PHP7 when released).
Apache must be configured with MPM Event
for optimal performance, PHP-FPM
might be required for this. Following modules are required apart from built-in Apache modules:
rewrite_module
mime_module
Apache should forward requests to PHP. Following PHP extensions are required by the system:
php_curl
php_fileinfo
php_gd2
php_openssl
php_pdo_mysql
php_sockets
php_xdebug
php_mbstring
The PHP working directory should be: /var/www
. The PHP user should not be able to access anything outside of it.
The resources server is a centeralized site for providing database, cache, sessions, and filesystem to the nodes. The following features are expected:
- Ubuntu 14.04.3 LTS (or any newer LTS)
- MySQL Community Edition 5.7 (or newer)
- Redis 3.0 (or newer)
- Apache 2.4.17 (or newer)
- phpMyAdmin 4.5.1 (or newer)
A global/privilaged admin should be created and the credentials should be stored/transfered safely.
Redis key-value storage would be used for cache and sessions.
DAV (Distributed Archiving and Versioning) system would be used for a centeralized filesystem. Fortunately, it comes built-in with Apache. This system would be used for storing user-uploaded files such as:
- Profile pictures
- Customer data (staging/selected)
- Reports ...
For direct access and better performance, this system should be directly accessible online (without any load balancer or proxy). The DAV domain name should be linked to this Apache. Following modules are required:
rewrite_module
dav_module
dav_fs_module
dav_lock_module
DAV modules can be easily enabled via simple shell commands (ref: google).
phpMyAdmin should be installed and configured with a global user to access/manage all databases in MySQL. Since it requires PHP as a dependency, any good PHP version (5.6.12+) may work.
- It should be secured via HTTP Basic Auth.
The system can work on any modern browser. However, the following browsers are recommended:
- Google Chrome v46
- Mozilla Firefox v41
- Microsoft Edge
Browser usage for TouchStone staff should be enforced, or it can cause serious problems in terms of safety, security, and UX.
DAV Domain Name ERP Domain Name Firewall via Internet or Intranet
╔══════════════════════════╗ ╔══════════════════════════╗ ╔══════════════════════════╗ ╥╥ ╔══════════════════════════╗
║ Resources Server ║ ║ Computation Node # ║ ║ Load Balancer ║ ║║ ║ Client ║
║ ║ ║ ║ ║ ║ ║║ ║ ║
║ Ubuntu ║<══════║ Ubuntu ║<══════║ Ubuntu ║<════════║║════════<║ Windows/Linux/Mac ║
║ MySQL ║>══════║ Apache ║>══════║ HAProxy ║>════════║║════════>║ Chrome/Firefox/Edge ║
║ Redis ║ ║ PHP ║ ║ ║ ║║ ║ ^ ║
║ Apache WebDav ║ ║ ║ ║ ║ ║║ ║ ║ ║
║ phpMyAdmin ║ ║ ║ ║ ║ ║║ ║ ║ ║
║ ╥ ║ ║ ║ ║ ║ ║║ ║ ║ ║
╚═════║════════════════════╝ ╚══════════════════════════╝ ╚══════════════════════════╝ ║║ ╚════════║═════════════════╝
║ ║║ ║
╚════════════════════════════════════════════════════════════════════════════════════════════════════║║══════════════════╝
╨╨