Site Architecture and a quick fix

Mainly documenting this for myself, but who knows, could come in handy for someone else as well.

Over the past couple of months, I’ve been doing quite a bit on AWS. Many of you know I knocked out 4 certifications in under 8 weeks. To get some “real world” hands-on with a few services I moved my blog from a single Linux box running in my home lab to AWS. The first iteration looked like this:
Application Load Balancer > 2 static amazon linux ec2 instances > EFS (for site data) > Aurora mysql database in 2 AZ's.
It then morphed to:
Application Load Balancer > two EC2 instances maintained by an autoscaling group > EFS (for site data) > Aurora MySQL database in 2 AZ's.
Then finally to:
CloudFront > Application Load Balancer > two EC2 instances maintainced by an autoscaling group > EFS (for site data) > Aurora MySQL database in 2 AZ's.

This worked well but I was killing my IOPS (EFS uses a burst mode by default) and performance wasn’t great. To fix this I scaled back to a single EC2 instance, DNS pointing directly to the instance for testing/troubleshooting, and installed the WP Offload Media plugin by delicious brains, configured it to move all my media to an S3 bucket, put another CloudFront distribution in front of the S3 bucket, and now my site is serving all static content from an S3 bucket.

Now the only real issue I had. I edited the autoscaling group back to two nodes and updated DNS to go back through Cloudfont > Load Balancer and I couldn’t upload media any longer. Disabling the offload plugin fixed that, but that obviously wasn’t the outcome I wanted. Digging through httpd error logs, I found this:

AH02018: request body exceeds maximum size (131072) for SSL buffer

it seems with the plugin enabled and accessing the site through CloudFront and the load balancer made the body size too large for the uploads. Adding this to the SSL version of the sites config file resolved the issue:

<Location "/">SSLRenegBufferSize 10486000</Location>

Now finally the site is working and I got to have some fun along the way. Granted this architecture is way overkill for this blog, but ¯\_(ツ)_/¯


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.