Network Infrastructure
- Network Infrastructure
This article details the network infrastructure supporting our MediaWiki 1.40 installation. Understanding this setup is crucial for troubleshooting, performance optimization, and future scaling efforts. This guide is aimed at newcomers to the server administration aspects of the wiki.
Overview
Our MediaWiki instance relies on a robust network infrastructure to ensure high availability, low latency, and secure operation. The network is segmented into several key zones, each with specific security and access controls. This includes the public-facing web servers, the internal database servers, and the caching layer. Proper configuration of network devices like routers, switches, and firewalls is paramount. We employ a load-balancing solution to distribute traffic across multiple web servers, enhancing resilience and responsiveness. See Special:MyPreferences for your user settings and network considerations.
Network Topology
The network follows a three-tier architecture:
1. **Web Tier:** Handles incoming HTTP/HTTPS requests and serves the wiki content. 2. **Application Tier:** Processes wiki logic, interacts with the database, and manages user sessions. (Currently combined with Web Tier in a single set of servers for simplicity). 3. **Data Tier:** Stores the wiki data (databases, images, and other files).
The following diagram (represented as a table for MediaWiki compatibility) illustrates the connections:
| Component | Role | Connection |
|---|---|---|
| Web Server 1 | Handles user requests; serves wiki pages | Load Balancer |
| Web Server 2 | Handles user requests; serves wiki pages | Load Balancer |
| Load Balancer | Distributes traffic to web servers | Public Internet |
| Database Server | Stores wiki data (MySQL) | Web Servers (via private network) |
| Cache Server (Redis) | Caches frequently accessed data | Web Servers & Database Server (via private network) |
Detailed information on Help:Configuration can be found on the help pages.
Network Hardware Specifications
The following tables outline the specifications of the core network hardware.
Load Balancer
| Specification | Value |
|---|---|
| Model | HAProxy REL-2.6 |
| CPU | Intel Xeon E3-1220 v6 |
| RAM | 8GB DDR4 |
| Network Interfaces | 2 x 1Gbps Ethernet |
| Operating System | CentOS 7 |
| High Availability | Active-Passive Failover |
See also Manual:Load balancer configuration for more details.
Web Servers
| Specification | Value |
|---|---|
| Model | Dell PowerEdge R740xd |
| CPU | 2 x Intel Xeon Gold 6248R |
| RAM | 64GB DDR4 ECC |
| Storage | 2 x 480GB SSD (RAID 1) |
| Network Interfaces | 2 x 10Gbps Ethernet |
| Operating System | Ubuntu Server 20.04 LTS |
| Web Server Software | Apache 2.4 |
Review the Extension:WebServers documentation for information on web server extensions.
Database Server
| Specification | Value |
|---|---|
| Model | Supermicro SuperServer 2029U-TR4 |
| CPU | 2 x Intel Xeon Platinum 8260R |
| RAM | 128GB DDR4 ECC |
| Storage | 4 x 1TB NVMe SSD (RAID 10) |
| Network Interfaces | 2 x 10Gbps Ethernet |
| Operating System | CentOS 8 |
| Database Software | MySQL 8.0 |
Consult Special:Database for database related information, but do *not* attempt direct database modification.
Network Security
Security is a top priority. We employ several layers of protection:
- **Firewall:** A stateful firewall (iptables on Linux servers) controls all inbound and outbound traffic.
- **Intrusion Detection System (IDS):** Monitors network traffic for malicious activity.
- **Regular Security Audits:** Periodic assessments to identify and address vulnerabilities.
- **HTTPS:** All traffic to the wiki is encrypted using HTTPS.
- **Access Control Lists (ACLs):** Restrict access to sensitive network resources based on the principle of least privilege.
The firewall rules are configured based on the principles outlined in Manual:PyWikiBin.
DNS Configuration
Our DNS records are managed by an external provider. The primary DNS record points to the IP address of the load balancer. Secondary DNS records provide redundancy. DNS propagation times should be considered when making changes. See also Help:Linking and referencing for link integrity.
Future Considerations
We are planning to upgrade the network infrastructure to support increasing traffic and data volume. This includes:
- Increasing network bandwidth to 40Gbps.
- Implementing a dedicated caching cluster.
- Migrating to a more scalable database solution.
- Further hardening the network security posture.
See Help:Contents for an overview of all help pages.
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configuration
Need Assistance?
- Telegram: @powervps Servers at a discounted price
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️