Application hosting
- Application Hosting
This article details the server configuration for application hosting within our MediaWiki environment. It is intended for newcomers responsible for server maintenance and expansion. Understanding these configurations is crucial for ensuring the stability and performance of hosted applications.
Overview
We utilize a distributed server architecture to host various applications alongside MediaWiki itself. This approach allows for resource isolation, scalability, and improved fault tolerance. Applications are generally containerized using Docker and orchestrated with Docker Compose, though bare-metal deployments are also supported for specific legacy systems. This document focuses on the underlying server infrastructure and configurations, not the application-specific details. See Server Administration for general server maintenance procedures.
Server Hardware Specifications
Our application hosting servers are built to a standardized specification to simplify management and ensure consistent performance. The following table details the core hardware components:
| Component | Specification | |
|---|---|---|
| CPU | Intel Xeon Gold 6248R (24 cores/48 threads) | |
| RAM | 128 GB DDR4 ECC Registered | |
| Storage | 2 x 1 TB NVMe SSD (RAID 1) for OS & Applications | 4 x 8 TB SATA HDD (RAID 10) for data storage |
| Network Interface | Dual 10 Gigabit Ethernet | |
| Power Supply | Redundant 800W Platinum |
These specifications are subject to change based on application demands and budget constraints. Please consult the Hardware Inventory for the latest details. Regular hardware monitoring is performed using Nagios.
Operating System and Software Stack
All application hosting servers run Ubuntu Server 22.04 LTS. This provides a stable and well-supported base for our applications. The following software is installed as standard:
| Software | Version | Purpose |
|---|---|---|
| Operating System | Ubuntu Server 22.04 LTS | Base operating system |
| Docker | 24.0.7 | Containerization platform |
| Docker Compose | v2.21.0 | Container orchestration |
| Nginx | 1.25.3 | Reverse proxy & load balancer |
| Fail2ban | 0.12.0 | Intrusion prevention system |
| UFW | 0.36 | Firewall |
Regular security updates are applied automatically via APT. We also employ a robust logging system using rsyslog to facilitate troubleshooting and security auditing.
Network Configuration
Application servers are segmented into different networks based on security requirements and application function. A dedicated VLAN is used for each application environment (development, staging, production). Nginx acts as a reverse proxy, routing traffic to the appropriate application containers.
The following table outlines the key network parameters:
| Parameter | Value |
|---|---|
| IP Address Range (Production) | 192.168.10.0/24 |
| IP Address Range (Staging) | 192.168.20.0/24 |
| IP Address Range (Development) | 192.168.30.0/24 |
| DNS Server | 192.168.1.1 (Internal) |
| Gateway | 192.168.1.254 |
Access to application servers is restricted via firewall rules managed by UFW. Secure Shell (SSH) access is limited to authorized personnel only, and key-based authentication is enforced. See Network Security for further details.
Security Considerations
Security is paramount. We implement several layers of security to protect our applications and data. These include:
- **Firewall:** UFW is configured to allow only necessary traffic.
- **Intrusion Detection:** Fail2ban monitors logs for malicious activity and automatically blocks offending IP addresses.
- **Regular Security Audits:** We conduct regular security audits to identify and address vulnerabilities. See Security Auditing.
- **Container Security:** Docker containers are isolated from the host system and each other, limiting the impact of potential security breaches.
- **Least Privilege Principle:** Applications are granted only the permissions they need to function.
Monitoring and Alerting
We utilize Nagios and Grafana to monitor server performance and application health. Alerts are configured to notify administrators of critical issues, such as high CPU usage, low disk space, or application errors. Detailed logs are collected and analyzed using ELK Stack to identify trends and troubleshoot problems. Refer to the Monitoring Guide for detailed instructions on setting up and configuring monitoring tools.
Related Pages
- Server Administration
- Hardware Inventory
- Network Security
- Security Auditing
- APT
- rsyslog
- Nagios
- Grafana
- ELK Stack
- Docker
- Docker Compose
- UFW
- Monitoring Guide
- Application Deployment Process
- Troubleshooting Guide
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configuration
Need Assistance?
- Telegram: @powervps Servers at a discounted price
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️