<preamble> I have deployed Linux/Apache/PHP (node1) + MySQL (node2) with Security Groups (AWS) or iptables controlling who can connect to the MySQL server. In topology terms -- a 2 Tier architecture. In AWS - one can deploy several such instances behind a ELB. Each LAP instance talks to a MySQL RDS. The LAP instances are either mod_php or PHP-FPM. OS -- CentOS, Ubuntu. Debian </preamble>
For one of my client's end user customer, their InfoSec team is asking if Apache and the PHP application can run in separate nodes (3 Tier arch).
To the best of my knowledge Apache + PHP (mod_php) have to be in the same node.
With PHP-FPM it is conceivable to have Apache talk to PHP-FPM running on a separate node (see diagram https://goo.gl/xTfbjg). But I have not done it myself and I am not sure if it is feasible.
If it is feasible then what's the best practice to distribute the *.html *.css and *.php files between the Apache + the PHP-FPM nodes and how to achieve load balance between Apache and PHP-FPM nodes. I have searched but not found any reference setups.
Would appreciate suggestions / references from anyone who has done a 3 Tier Apache + PHP + MySQL deployment in production.
Thanks in advance.
-- Arun Khan "Everyone has an expiration date"