To complete the necessary prerequisite steps before building a deployment with the Chef-based ServerTemplates.
Table of Contents
The following steps should be performed before you attempt to build a multi-tier deployment such as the 3 Tier Deployment Setup (PHP) setup tutorial.
Prerequisites: Requires 'actor' user role privileges in the RightScale account.
The first step is to create a new deployment for the project. It's not recommended that you use the "Default" deployment or an existing deployment for new development because you do not want to accidentally inherit any unknown configuration settings. Therefore, it's recommended to always create a new deployment when you start a new project. Be sure to use a unique and descriptive nickname for each deployment. (e.g. My Project Name)
Tip: Most users find it useful to create a bookmark in the left-hand pane of the dashboard that links to the deployment's Servers tab.
In a typical 3-tier architecture setup, DNS A records are used to create fully qualified domain names (FQDNs) that map to a particular server or tier of servers. The digram below shows a typical example of a 3-tier website architecture.
In this type of architecure, the application servers locate the "master" database server by using Master-DB's FQDN (e.g. db-master.example.com), which points to the Master-DB's private IP address. Similarly, front-end web traffic can be routed to a FQDN (e.g. www.example.com) where each load balancer server has a DNS record for that FQDN so that incoming requests are routed to one of the load balancer servers. Since the IP address of an instance in the cloud is often dynamically assigned at launch time, you are required to use a DNS provider that supports dynamic DNS (i.e. the ability to dynamically update the IP address of an A record) for the Master-DB server (at a minimum). You can also use the same DNS provider for creating FQDNs for the load balancer servers. However, since they do not require the use of dynamic DNS, any DNS provider can be used.
When you create the DNS records, it's important to set appropriate TTLs to ensure that servers will not stay connected to an old IP address that is no longer assigned to a functional server. For example, the DNS record that points to the "master" database server should have a low TTL to ensure that the application servers will connect to the correct server within a reasonable amount of time. It's strongly recommended that you use a TTL of 60 seconds for the DNS record that points to the "master" database server.
Note: If you are using Rackspace's Cloud DNS service, you must use a TTL of 300 seconds because that is the lowest allowable TTL. Be sure to change the 'Database DNS TTL Limit' input from 60 (default) to 300.
You will need to create DNS records for the following servers:
RightScale's ServerTemplates contain scripts that support one of the following DNS providers. Create an account with one of the DNS providers below and set up the A records accordingly.
Prerequisites: Requires 'designer' user role privileges in the RightScale account to create a new credential.
Note: Only the user who created the credential and any 'admin' users will be able to view and modify an existing credential.
Credentials are a way of passing sensitive information to a script (as an input) in a discrete manner without making the actual value visible in the Dashboard. As a best practice, many of the ServerTemplates published by RightScale are preconfigured to use certain credentials. It's recommended that you create these common credentials in your own account. If they already exist and apply to a different deployment, you might want to create a new set of credentials to avoid any conflicts. In such cases, it's helpful to use a common prefix to group the credentials together. (e.g. APP1_DBADMIN_USER)
If you try to launch a server where one of the inputs references a credential that does not exist in the RightScale account, you will receive an error message and will not be able to launch the server. Therefore, it's best to create any required credentials before you configure and launch a server. Depending on your cloud provider and backup storage selections, you may want to create additional credentials.
At a minimum, create the following credentials. See Create a New Credential for more information.
Note: If you are going through the 3-tier tutorial and are using the provided sample application and database files for testing purposes, use the sample "3 Tier Tutorial" values highlighted below.
* If you use Amazon Route 53 as your DNS provider, you do not need to set up separate DNS user name and password credentials because your AWS credentials are used for authentication purposes.
If you are using Amazon S3 to store binary database backups or retrieve a "private" file from an S3 bucket, you will need to use the following AWS credentials. Fortunately, these credentials are automatically created when AWS credentials are added to a RightScale account. Although, they are available for use when you define your inputs, they will not be listed under Design > Credentials.
Note: AWS credentials are located under Settings > Account Settings > Clouds.
Rackspace Cloud Files
If you want to use Rackspace Cloud Files for storing binary database backups, you will need to create the following credentials.
SoftLayer Object Storage
If you want to use SoftLayer's Object Storage for storing binary database backups, you will need to create the following credentials. See Set up SoftLayer Object Storage.
Source Control Management (SVN, GitHub)
If you are using a source control management (SCM) system to host your application code, you will need to create the following credentials to retrieve your source code from the specified repository.
Secure Sockets Layer (SSL)
If you are using SSL to support HTTPS access, you should create credentials for any of the following values that apply. See How do I create an SSL certificate for my web server?
Prerequisites: Requires 'actor' user role privileges in the RightScale account to create SSH Keys and Elastic IPs, and 'security_manager' privileges to create security groups.
Each cloud infrastructure is unique and requires different resources in order to launch a server in their cloud. Depending on the type of cloud infrastructure that you're going to use to launch servers, you will find it useful to create some of the required cloud-specific resources beforehand so that you can select them in the "Add Server Wizard" when you add servers into a deployment. Cloud resources are also cloud-specific. For example, you cannot launch an EC2 instance in the 'us-east' region with an 'us-west' security group.
If you are following a standard 3-tier tutorial for testing and demonstration purposes only, you can create a single security group with the following permissions. If you are building a 3-tier deployment for a production environment, you should consider using more robust security group settings. See Configure Multiple Security Groups for a Multi-Tiered Deployment.
At a minimum, the security group should contain the following firewall permissions. Note: Port 443 is only required for SSL support (HTTPS).
Simple Storage Service (S3) is Amazon's remote object store (ROS) where you can store static files that can be used by EC2 instances in any AWS region. For example, you can store a database dump file in an S3 bucket and then launch an EC2 instance that will retrieve the file from the S3 bucket. S3 buckets are also used to store binary backups of a database.
If S3 is not activated for your AWS account, please sign-up for the service now. (http://aws.amazon.com/s3/)
© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.