3 Comments

  1. While I basicly like your idea, I would add a layer of caching between the spanish provider and the german database.

    It is quite easy to modify Oxid in a fashion that most queries (i.e. *reading* db access) go throu a local redis instance, sending db queries only for cache misses.

    With a high-enough expiration you can avoid most of the lags. In a second step – and now comes the nice stuff – you can even increase timeouts and actively push changes from germany to the remote systems.

    The concept is that saving a category description is not as performance critical than retrieving it.

    By the way: if you´d open your db to the foreign ip, you would eliminate the need for vpn and could use some low-cost server to start your foreign business – or did I miss something?

    Zsolt

  2. Thanks for your reply, Zsolt – really appreciate it.
    Of course, an entire on-site page cache would be optimal but I doubt if it’ll be able to intercept all possible DB bottlenecks, of course – depending on the server timeout configuration, the distance etc…
    And yes, you’re right, simply opening your DB to a foreign IP would work but I’d go clearly for VPN: as an online merchant, you’re 100% responsible for your customer’s data. And a non-tunneled connection could open options for a man-in-the-middle-attacks, couldn’t it?

  3. Marco, I fully agree with your strong demand for security.

    I assume that you trust VPN since it provides encryption. Same goes for MySql, althou it requires you to grant the SSL right and block non-SSL-connections. http://dev.mysql.com/doc/refman/5.0/en/ssl-connections.html

    Additionally, you can limit remote IP to the one of your foreign server. Both together would be as secure as a VPN, I assume. Or did I miss your point?

    About the db bottlenecks – of course you cannot handle all of them, and stuff like oxcontent is already cached in the /tmp – dir. Yet running a (k)Cachegrind session shows at least enough potential to give it a try.

    Zsolt

Leave a Reply

Your email address will not be published. Required fields are marked *