{"id":719,"date":"2020-08-26T15:47:41","date_gmt":"2020-08-26T13:47:41","guid":{"rendered":"http:\/\/blog.nosland.com\/?p=719"},"modified":"2020-08-26T16:29:31","modified_gmt":"2020-08-26T14:29:31","slug":"moodle-cluster-de-frontaux-base-de-donnees","status":"publish","type":"post","link":"http:\/\/blog.nosland.com\/?p=719","title":{"rendered":"Moodle \u2013 Cluster de frontaux &#038; Base de donn\u00e9es"},"content":{"rendered":"\n<h2><a>Principe<\/a><\/h2>\n\n\n\n<p>Le principe est d\u2019avoir l\u2019ensemble des services (ou la majorit\u00e9) qui soient redond\u00e9s et que ceux-ci puissent absorber une charge importante de visiteurs et transactions, li\u00e9e \u00e0 des \u00e9v\u00e9nements exceptionnels. Le sch\u00e9ma de la structure est le suivant&nbsp;:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" width=\"605\" height=\"352\" src=\"http:\/\/blog.nosland.com\/wp-content\/uploads\/2020\/08\/image-17.png\" alt=\"\" class=\"wp-image-720\" srcset=\"http:\/\/blog.nosland.com\/wp-content\/uploads\/2020\/08\/image-17.png 605w, http:\/\/blog.nosland.com\/wp-content\/uploads\/2020\/08\/image-17-300x175.png 300w\" sizes=\"(max-width: 605px) 100vw, 605px\" \/><\/figure>\n\n\n\n<p>Afin de partager les documents, les Moodle frontaux avaient besoin d\u2019un stockage commun. Apr\u00e8s des \u00e9tudes de rapidit\u00e9, il s\u2019est av\u00e9r\u00e9 que le NFS v4 \u00e9tait le protocole qui offrait le plus de rapidit\u00e9 cumul\u00e9e pour la lecture\/\u00e9criture.<\/p>\n\n\n\n<p>Un serveur NFS d\u00e9di\u00e9 \u00e0 Moodle a donc \u00e9t\u00e9 install\u00e9. Nous d\u00e9taillerons ce serveur \u00e9galement dans la partie consacr\u00e9e aux frontaux.<\/p>\n\n\n\n<h2><a>Cluster de base de donn\u00e9es MariaDB&nbsp;: Galera<\/a><\/h2>\n\n\n\n<p>Le cluster de base de donn\u00e9es est compos\u00e9 de 3 n\u0153uds&nbsp;: MoodleDB01, MoodleDB02 et MoodleDB3 qui ont pour IP respectives&nbsp;: 172.20.16.11, 172.20.16.12 et 172.20.16.13.<\/p>\n\n\n\n<h3><a>Installation<\/a><\/h3>\n\n\n\n<ul><li>Premi\u00e8re \u00e9tape&nbsp;: <br>Ajouter le repository MariaDD de Debian sur tous les serveurs&nbsp;:<\/li><\/ul>\n\n\n\n<p class=\"has-black-background-color has-text-color has-background\" style=\"color:#fefb33\"><em>root@MoodleDB01:\/# apt install dirmngr software-properties-common<\/em><br><em>root@MoodleDB01:\/# apt-key adv &#8211;recv-keys &#8211;keyserver hkp:\/\/keyserver.ubuntu.com:80 0xF1656F24C74CD1D8<\/em><br><em>root@MoodleDB01:\/# add-apt-repository &lsquo;deb [arch=amd64] http:\/\/nyc2.mirrors.digitalocean.com\/mariadb\/repo\/10.4\/debian buster main&rsquo;<\/em><br><em>root@MoodleDB01:\/# apt-get update<\/em><\/p>\n\n\n\n<ul><li>Seconde \u00e9tape&nbsp;:<br>Installer MariaDB sur tous les serveurs.<\/li><\/ul>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\">root@MoodleDB01:\/# apt-get install mariadb-server&nbsp; -y<\/p>\n\n\n\n<p>Mettre un password pour l\u2019utilisateur root&nbsp;:<\/p>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\">mysql \u2013u root<br>set password = password(\u00ab\u00a0MyP@SsW0rd\u00a0\u00bb);<\/p>\n\n\n\n<p>Et installation de rsync&nbsp;:<\/p>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\">apt-get install rsync -y<\/p>\n\n\n\n<h3><a>Configuration<\/a><\/h3>\n\n\n\n<ul><li>Ajouter dans le hosts de chaque serveur les IP des autres.<\/li><li>Cr\u00e9ation du fichier de conf du cluster<\/li><\/ul>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\">vi \/etc\/mysql\/conf.d\/galera.cnf<\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\">[mysqld]<br>binlog_format=ROW<br>default-storage-engine=innodb<br>innodb_autoinc_lock_mode=2<br>bind-address=0.0.0.0<br># Galera Provider Configuration<br>wsrep_on=ON<br>wsrep_provider=\/usr\/lib\/galera\/libgalera_smm.so<br># Galera Cluster Configuration<br>wsrep_cluster_name=\u00a0\u00bbMoodleCluster\u00a0\u00bb<br>wsrep_cluster_address=\u00a0\u00bbgcomm:\/\/172.20.16.11,172.20.16.12,172.20.16.13&Prime;<br># Galera Synchronization Configuration<br>wsrep_sst_method=rsync<br># Galera Node Configuration<br>wsrep_node_address=\u00a0\u00bb172.20.16.11&Prime;<br>wsrep_node_name=\u00a0\u00bbMoodleDB01&Prime;<\/p>\n\n\n\n<ul><li>Ouvrir le firewall pour le cluster<br>vi \/etc\/iptables\/rules.v4<br>Ajouter : <\/li><\/ul>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\"># Allows Galera Cluster MariaDB<br>-A INPUT -p tcp &#8211;dport 3306 -j ACCEPT<br>-A INPUT -p tcp &#8211;dport 4567 -j ACCEPT<br>-A INPUT -p tcp &#8211;dport 4444 -j ACCEPT<br>-A INPUT -p udp &#8211;dport 4567 -j ACCEPT<\/p>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\">\/etc\/init.d\/netfilter-persistent restart<\/p>\n\n\n\n<ul><li>D\u00e9marrer le cluster<br><\/li><\/ul>\n\n\n\n<p>Il faut tout d\u2019abord <strong><u>stop<\/u><\/strong> mariadb&nbsp;: <span class=\"has-inline-color has-vivid-red-color\"><strong><em>systemctcl stop mysql<\/em><\/strong><\/span> <strong><u>sur tous les n\u0153uds<\/u><\/strong> <br>Puis on d\u00e9marre sur le premier n\u0153ud&nbsp;: <span class=\"has-inline-color has-vivid-red-color\"><strong><em>galera_new_cluster<\/em><\/strong><\/span><br>Pour v\u00e9rifier&nbsp;: <span class=\"has-inline-color has-vivid-red-color\"><em><strong>mysql -u root -p -e \u00ab\u00a0SHOW STATUS LIKE &lsquo;wsrep_cluster_size'\u00a0\u00bb<\/strong><\/em><\/span><\/p>\n\n\n\n<p>On obtient&nbsp;:<\/p>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\"><br>+&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;+&#8212;&#8212;&#8211;+<br>|Variable_name|Value|<br>+&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;+&#8212;&#8212;&#8211;+<br>|wsrep_cluster_size|1|<br>+&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;+&#8212;&#8212;&#8211;+<\/p>\n\n\n\n<p>Puis <strong><em><span class=\"has-inline-color has-vivid-red-color\">systemctl start mysql<\/span><\/em><\/strong> (sur les n\u0153uds 2 &amp; 3)<\/p>\n\n\n\n<ul><li>Param\u00e9trage des n\u0153uds&nbsp;:<br>Sur chaque n\u0153ud \u00e9diter le fichier \/etc\/mysql\/conf.d\/mysql.cnf et modifier comme suit&nbsp;:<\/li><\/ul>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\">[mysql]<br>default-character-set = utf8mb4<br>[mysqld]<br>innodb_file_per_table = 1<br>innodb_buffer_pool_size = 12G<br>character-set-server = utf8mb4<br>collation-server = utf8mb4_unicode_ci<br>skip-character-set-client-handshake<\/p>\n\n\n\n<p>Puis relance des services MySQL&nbsp;:<strong><em><span class=\"has-inline-color has-vivid-red-color\"> systemctl mysql restart<\/span><\/em><\/strong><\/p>\n\n\n\n<h3><a>Exploitation<\/a><\/h3>\n\n\n\n<ul><li>Chaque n\u0153ud est ind\u00e9pendant. Ainsi on peut relancer les serveurs sans perdre l\u2019acc\u00e8s \u00e0 la base. Pour fonctionner le cluster a besoin d\u2019un seul n\u0153ud, mais il est pr\u00e9f\u00e9rable de ne relancer les serveurs qu\u2019un par un.<\/li><li>En cas d\u2019arr\u00eat complet des 3 n\u0153uds suite \u00e0 un probl\u00e8me important ayant coup\u00e9 tous les n\u0153uds, il convient de relancer le cluster sur le n\u0153ud 1 (moodledb01)&nbsp;:<br>&#8211; V\u00e9rifier l\u2019arr\u00eat de MariaDB et le stopper en cas de besoin <strong><em><span class=\"has-inline-color has-vivid-red-color\">systemctl mysql stop<\/span><\/em><\/strong> (sur tous les n\u0153uds)<br>&#8211; Lancer le cluster sur le n\u0153ud 1&nbsp;:<strong><em><span class=\"has-inline-color has-vivid-red-color\"> galera_new_cluster<\/span><\/em><\/strong><br>&#8211; Lancer MariaDB sur les autres n\u0153uds&nbsp;:<strong><em><span class=\"has-inline-color has-vivid-red-color\"> systemctl mysql start<\/span><\/em><\/strong><br>&#8211; V\u00e9rifier la pr\u00e9sence de tous les n\u0153uds <strong><em><span class=\"has-inline-color has-vivid-red-color\">mysql -u root -p -e \u00ab\u00a0SHOW STATUS LIKE &lsquo;wsrep_cluster_size'\u00a0\u00bb<\/span><\/em><\/strong><\/li><\/ul>\n\n\n\n<ul><li>Requ\u00eate SQL pour afficher les infos du cluster&nbsp;: show status like &lsquo;wsrep%&rsquo;;<\/li><li>Req\u00eate SQL pour afficher les infos sur les utilisateurs des bases de donn\u00e9es&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">select host, user, password from mysql.user&nbsp;;<\/span><\/em><\/strong><\/li><li>Les bases de donn\u00e9es sont r\u00e9pliqu\u00e9es sur tous les n\u0153uds. Les datas sont stock\u00e9es sur le volume LVM \/var. Le volume groupe vg1 a \u00e9t\u00e9 provisionn\u00e9 et on peut ais\u00e9ment agrandir l\u2019espace disque si celui venait \u00e0 manquer&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">lvextend \u2013L+50GiB \/dev\/mapper\/vg1-var &amp;&amp; resize2fs \/dev\/mapper\/vg1-var<\/span><\/em><\/strong>&nbsp; (pour voir l\u2019espace restant sur le volume groupe&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">pvscan<\/span><\/em><\/strong>)<\/li><li>En cas de crash sur les 3 n\u0153uds et si lors de la relance du cluster sur MoodleDB1, on obtient le message&nbsp;: <span style=\"color:#242a2d\" class=\"has-inline-color\">\u00ab&nbsp;<em>WSREP: It may not be safe to bootstrap the cluster from this node. It was not the last one to leave the cluster and may not contain all the updates. To force cluster bootstrap with this node, edit the grastate.dat file manually and set safe_to_bootstrap to 1<\/em><\/span> .&nbsp;\u00bb Il convient alors de stopper tous les serveurs MySQL sur les n\u0153uds. Puis \u00e9diter le fichier \u00ab&nbsp;\/var\/lib\/mysql\/grastate.dat&nbsp;\u00bb et changer la valeur de set safe_to_bootstrap de 0 \u00e0 1. On fait la m\u00eame chose sur les 3 n\u0153uds. Puis on reboot les serveurs. Enfin sur Moodledb01 on lance le cluster. On v\u00e9rifie qu\u2019il tourne correctement. Puis on lance les n\u0153uds un \u00e0 un.<\/li><\/ul>\n\n\n\n<h2><a>Cluster de frontaux Moodle<\/a><\/h2>\n\n\n\n<p>Pour fonctionner Moodle a besoin de partager l\u2019espace de stockage des donn\u00e9es (moodledata), pour ce faire nous avons mont\u00e9 un serveur NFS qui centralise donc toutes les donn\u00e9es (doc, vid\u00e9os etc..) qui sont publi\u00e9es sur Moodle.<br>Voici le sch\u00e9ma de fonctionnement&nbsp;:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" width=\"386\" height=\"494\" src=\"http:\/\/blog.nosland.com\/wp-content\/uploads\/2020\/08\/image-18.png\" alt=\"\" class=\"wp-image-721\" srcset=\"http:\/\/blog.nosland.com\/wp-content\/uploads\/2020\/08\/image-18.png 386w, http:\/\/blog.nosland.com\/wp-content\/uploads\/2020\/08\/image-18-234x300.png 234w\" sizes=\"(max-width: 386px) 100vw, 386px\" \/><\/figure>\n\n\n\n<ul><li>Sur le serveurs NFS&nbsp;:<br>On ajoute les autorisations pour les frontaux dans le fichier \/etc\/exports&nbsp;:<\/li><\/ul>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\"><em>\/opt\/moodledata\/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 172.20.16.50(rw,sync,no_subtree_check) 172.20.16.51(rw,sync,no_subtree_check) 172.20.16.52(rw,sync,no_subtree_check)<\/em><\/p>\n\n\n\n<ul><li>Sur les frontaux&nbsp;:<br>Installation du client nfs&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">apt-get install nfs-common \u2013y<\/span><\/em><\/strong><br>Puis ajout au fstab:<strong><em><span class=\"has-inline-color has-vivid-red-color\"> 172.20.16.49:\/opt\/moodledata&nbsp; &nbsp;\/opt\/moodledata nfs4&nbsp;&nbsp;&nbsp; rw,user,exec 0 0<\/span><\/em><\/strong><\/li><\/ul>\n\n\n\n<h3><a>Proc\u00e9dure d\u2019installation<\/a><\/h3>\n\n\n\n<p>On installe apache2, php, et HAProxy (qui servira de passerelle MySQL)<\/p>\n\n\n\n<ul><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">apt-get install apache2<\/span><\/em><\/strong><\/li><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">apt-get install apt-transport-https lsb-release ca-certificates<\/span><\/em><\/strong><\/li><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">wget -O \/etc\/apt\/trusted.gpg.d\/php.gpg <a href=\"https:\/\/packages.sury.org\/php\/apt.gpg\">https:\/\/packages.sury.org\/php\/apt.gpg<\/a><\/span><\/em><\/strong><\/li><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">echo \u00ab\u00a0deb https:\/\/packages.sury.org\/php\/ $(lsb_release -sc) main\u00a0\u00bb &gt; \/etc\/apt\/sources.list.d\/php.list<\/span><\/em><\/strong><\/li><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">apt-get update<\/span><\/em><\/strong><\/li><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">apt-get install php7.3 php7.3-bcmath php7.3-bz2 php7.3-cli php7.3-common php7.3-curl php7.3-dba php7.3-gd php7.3-intl php7.3-json php7.3-ldap php7.3-mbstring php7.3-mysql php7.3-opcache php7.3-readline php7.3-soap php7.3-xml php7.3-xmlrpc php7.3-zip haproxy<\/span><\/em><\/strong><\/li><li><strong><em><span class=\"has-inline-color has-vivid-red-color\">apt-get install shibboleth-sp-common&nbsp; shibboleth-sp-utils shibboleth-sp2-common shibboleth-sp2-utils libapache2-mod-shib libapache2-mod-shib2<\/span><\/em><\/strong><\/li><\/ul>\n\n\n\n<h3><a>Configuration des services<\/a><\/h3>\n\n\n\n<p>Nous configurons d\u2019abord HAProxy&nbsp;:<\/p>\n\n\n\n<p class=\"has-white-color has-black-background-color has-text-color has-background\">sed -i \u00ab\u00a0s\/ENABLED=0\/ENABLED=1\/g\u00a0\u00bb \/etc\/default\/haproxy<br>sed -i \u00ab\u00a0s\/ENABLED=0\/ENABLED=1\/g\u00a0\u00bb \/etc\/init.d\/haproxy<\/p>\n\n\n\n<p>Puis \u00e9dition du fichier de conf&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">vi \/etc\/haproxy\/haproxy.cfg<\/span><\/em><\/strong><\/p>\n\n\n\n<p>On ajoute&nbsp;:<\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\">listen galera<br>bind 127.0.0.1:3306<br>balance leastconn<br>mode tcp<br>option tcpka<br>option mysql-check user haproxy<br>server moodledb01 172.20.16.11:3306 check weight 1<br>server moodledb02 172.20.16.12:3306 check weight 1<br>server moodledb03 172.20.16.13:3306 check weight 1<\/p>\n\n\n\n<p>Le concept est d\u2019ouvrir un port d\u2019\u00e9coute sur le port tcp3306 (celui de mysql) et de configurer un cluster de r\u00e9partition sur les diff\u00e9rents n\u0153uds de base de donn\u00e9es. Ainsi le frontal via php-mysql (que moodle utilise pour se connecter \u00e0 la base de donn\u00e9es) utilisera l\u2019IP locale (127.0.0.1) comme si la BDD \u00e9tait install\u00e9e en local, puis le proxy redirigera alternativement sur les n\u0153uds du cluster MariaDB.<\/p>\n\n\n\n<p>Ce choix a \u00e9t\u00e9 fait de fa\u00e7on \u00e0 simplifier le passage annuel de la production en serveur d\u2019archive.<\/p>\n\n\n\n<p>Il suffit maintenant de relancer le service HAProxy&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">\/etc\/init.d\/haproxy restart<\/span><\/em><\/strong><\/p>\n\n\n\n<p>Maintenant nous allons configurer Apache. Il y a par d\u00e9faut un fichier de configuration, et nous allons l\u2019utiliser en modifiant seulement quelques param\u00e8tres&nbsp;:<\/p>\n\n\n\n<p>Edition de<strong><em>\/etc\/apache2\/sites-available\/000-default.conf<\/em><\/strong><\/p>\n\n\n\n<p>Voici le contenu du fichier&nbsp;:<\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\">&lt;VirtualHost *:80&gt;<br>ServerAdmin webmaster@localhost<br>DocumentRoot \/opt\/public_html\/<br>ErrorLog ${APACHE_LOG_DIR}\/error.log<br>CustomLog ${APACHE_LOG_DIR}\/access.log combined<br>&lt;Directory \/opt\/public_html\/&gt;<br>Options Indexes FollowSymLinks MultiViews<br>AllowOverride None<br>&nbsp; Require all granted<br>&nbsp;&nbsp; &lt;\/Directory&gt;<br>&lt;\/VirtualHost&gt;<br>ExtendedStatus on<br>&lt;Location \/mod_status&gt;<br>SetHandler server-status<br>Require host localhost<br>&lt;\/Location&gt;<\/p>\n\n\n\n<p>Quelques remarques&nbsp;:<\/p>\n\n\n\n<ul><li>La partie apache.conf n&rsquo;a pas \u00e9t\u00e9 pr\u00e9cis\u00e9 ici. Il convient de bien tuner les param\u00e8tres d&rsquo;apache en fonction de votre RAM et CPU afin de d\u00e9finir le nombre de users simultan\u00e9s accepter par chaque frontal. <\/li><li>La location \u00ab&nbsp;mod_status&nbsp;\u00bb sert \u00e0 activer les outils de statistiques apache (extendedstatus) qui sont ensuite utilis\u00e9s dans collectd pour les graphs Grafana.<\/li><\/ul>\n\n\n\n<p>On relance ensuite apache&nbsp;: <strong><em><span class=\"has-inline-color has-vivid-red-color\">apache2ctl restart<\/span><\/em><\/strong><\/p>\n\n\n\n<p>On r\u00e9cup\u00e8re les sources de Moodle (je les place en g\u00e9n\u00e9ral sur le NFS dans un dossier sourcemoodle\\version\\date.tar.gz, ex \/opt\/moodledata\/3.9\/20200715.tar.gz )<\/p>\n\n\n\n<p>On place les sources pour obtenir \/opt\/public_html (dataroot de moodle indiqu\u00e9 dans le config.php)<\/p>\n\n\n\n<p>On affecte les bons droits en changeant le propri\u00e9taire par www-data (utilisateur apache)<br>L\u2019int\u00e9gralit\u00e9 de la configuration Moodle est faite dans le fichier config.php.<br>Voici les principaux \u00e9l\u00e9ments indispensables \u00e0 modifier ou v\u00e9rifier pour un fonctionnement correcte : <\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\">$CFG-&gt;dbtype = &lsquo;mariadb&rsquo;;<br>$CFG-&gt;dblibrary = &lsquo;native&rsquo;;<br>$CFG-&gt;dbhost = &lsquo;127.0.0.1&rsquo;;<br>$CFG-&gt;dbname = &lsquo;moodle&rsquo;;<br>$CFG-&gt;dbuser = &lsquo;moodleuser&rsquo;;<br>$CFG-&gt;dbpass = &lsquo;moodleuserpassword&rsquo;;<br>$CFG-&gt;prefix = &lsquo;mdl_&rsquo;;<br>$CFG-&gt;dboptions = array (<br>&lsquo;dbpersist&rsquo; =&gt; 0,<br>&lsquo;dbport&rsquo; =&gt; &lsquo;3306&rsquo;,<br>&lsquo;dbsocket&rsquo; =&gt; \u00a0\u00bb,<br>&lsquo;dbcollation&rsquo; =&gt; &lsquo;utf8mb4_unicode_ci&rsquo;,<br>);<br>$CFG-&gt;wwwroot = &lsquo;https:\/\/moodle.nosland.com&rsquo;;<br>$CFG-&gt;dataroot = &lsquo;\/opt\/moodledata&rsquo;;<br>$CFG-&gt;directorypermissions = 02770;<br>$CFG-&gt;admin = &lsquo;admin&rsquo;;<br>$CFG-&gt;sslproxy = true;<br>$CFG-&gt;tempdir = &lsquo;\/opt\/moodledata\/temp&rsquo;; \/\/ doit \u00eatre partag\u00e9<br>$CFG-&gt;cachedir = &lsquo;\/opt\/moodledata\/cache&rsquo;; \/\/ doit \u00eatre partag\u00e9<br>$CFG-&gt;localcachedir = &lsquo;\/opt\/localcache&rsquo;; \/\/ doit \u00eatre local<\/p>\n\n\n\n<p><strong><span class=\"has-inline-color has-vivid-red-color\">Attention \u00e0 comment vous configurer vos dossiers. Certains doivent \u00eatre partag\u00e9, et donc utilis\u00e9 le serveur de stockage NFS, mais d&rsquo;autre ne doivent jamais l&rsquo;\u00eatre. <\/span><\/strong><\/p>\n\n\n\n<p><strong>Si l&rsquo;on effectue des mise \u00e0 jour ou des ajouts de plugin sur son Moodle. Il faut proc\u00e9der avec attention. <br>Le conseil sera de basculer en mode mono-frontal. D&rsquo;effectuer les UPdate ou l&rsquo;ajout de plugin via l&rsquo;interface web. <br>Ensuite sur l&rsquo;ensemble des frontaux que l&rsquo;on a d\u00e9sactiv\u00e9, il faut recopier int\u00e9gralement le contenu du dossier public_html du frontal actif sur les autres. <br>Une fois fait on peut r\u00e9activer le mode cluster de frontaux. <\/strong><\/p>\n\n\n\n<h2><a>Reverse Proxy<\/a><\/h2>\n\n\n\n<p>Mon reverse proxy fonctionne avec deux serveurs maintenus via une IP virtuelle de keepalive.<br>Le reverse proxy est un Nginx.<br>Le fichier de configuration pour Moodle est le suivant&nbsp;:<\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background\">upstream moodlecluster {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ip_hash;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; server moodle00.nosland.com;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; server moodle01.nosland.com;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; server moodle02.nosland.com;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;# server moodleXX.nosland.com; ajouter ici les autres n\u0153uds<br>}<br> server {<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; listen&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 80;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; server_name&nbsp;&nbsp; moodle.nosland.com;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; access_log&nbsp;&nbsp;&nbsp;&nbsp; \/var\/log\/nginx\/moodle_access.log;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; error_log&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/var\/log\/nginx\/moodle_error.log;<br>                if ($request_method !~ ^(GET|HEAD|POST)$ ) {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return 444;<br>}<br>location \/ {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # &#8212; Redirection vers https<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return 301 https:\/\/$server_name:443$request_uri;<br>                     }<br>}<br>server {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; listen&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 443;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ssl&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; on;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ssl_certificate&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/etc\/nginx\/certificats\/wildcard.Nosland-Bundle.crt;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ssl_certificate_key&nbsp; \/etc\/nginx\/certificats\/wildcard.Nosland.key;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; server_name&nbsp;&nbsp;&nbsp;&nbsp; moodle.nosland.com;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; access_log&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/var\/log\/nginx\/moodle_access.log;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; error_log&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/var\/log\/nginx\/moodle_error.log;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ($request_method !~ ^(GET|HEAD|POST)$ ) {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return 444;<br>}<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; location \/ {<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #&#8212; Redirection<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #proxy_pass&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; http:\/\/moodle00.nosland.com;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proxy_pass&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; http:\/\/moodlecluster ;<br>}<br>}<\/p>\n\n\n\n<p>Remarque sur le fichier de conf&nbsp;:<\/p>\n\n\n\n<ul><li>Dans la section upstream, on d\u00e9finit les frontaux Moodle du cluster. On utilise l\u2019option ip_hash qui permet d\u2019orienter les utilisateurs sur un frontal et d\u2019y rester. Ceci est plus commode pour les sessions.<\/li><li>Dans la section http, on redirige toutes les requ\u00eates sur https<\/li><li>Dans la section https, on d\u00e9finit le wildcard car mon proxy est mutualis\u00e9 avec d&rsquo;autres sites web<\/li><li>Dans location, on a deux proxy_pass de d\u00e9fini :<br>L\u2019un comment\u00e9 qui pointe sur le noeud0 des frontaux. L\u2019autre sur le pool de serveurs.<br>Nous gardons le noeud0 en commentaire car cela nous permettra de switcher d\u2019une configuration cluster \u00e0 une configuration mono frontal indispensable pour les mises \u00e0 jours de Moodle ou l\u2019ajout de plugins.<br><\/li><\/ul>\n\n\n\n<p><br><\/p>\n\n\n\n<p><br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Principe Le principe est d\u2019avoir l\u2019ensemble des services (ou la majorit\u00e9) qui soient redond\u00e9s et que ceux-ci puissent absorber une&hellip;<\/p>\n","protected":false},"author":1,"featured_media":722,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,10],"tags":[],"_links":{"self":[{"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/posts\/719"}],"collection":[{"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=719"}],"version-history":[{"count":2,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/posts\/719\/revisions"}],"predecessor-version":[{"id":726,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/posts\/719\/revisions\/726"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=\/wp\/v2\/media\/722"}],"wp:attachment":[{"href":"http:\/\/blog.nosland.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=719"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=719"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.nosland.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=719"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}