Hi all,
I have been tasked with setting up a new Moodle site for my organisation. Given our existing infrastructure, this will be served in a 3 tier environment. Topology is roughly as follows:
2x IIS with ARR for reverse proxy in DMZ connected to a -
HA pair of hardware load balancers
2x IIS application servers connected to -
A different pair of HA load balancers
Seperate database server that the App servers can connect to.
The aim has been to use the DMZ web servers purely to reverse proxy requests to the application tier. This is currently done with a simple catch-all wildcard rule. This works fine in most scenarios that we use it.
The application servers are fine. Here I will call them http://app.moodle.local. The site is configured and working correctly. However, when viewing them through the reverse proxy, some of the javascript and css fails to load correctly. I have the requests rewriting correctly, but the application servers are resulting in a 404 when they receive the request, which can present itself as a 500 from the DMZ.
I'm trying to understand why these assets won't resolve correctly if passed through a proxy. I'm not a developer so I'm not great at understanding what the javascript is for or whether there is a degree of client participation required that has now been removed by going through a proxy. I gather that yui_combo.php is a compiler of some sort. I do have an outbound rule to rewrite the host name of the app servers so that the URLs appear relative. If I remove that rule then it all works fine, because they will load with http://app.moodle.local, which I have access to on my network. However, when it goes into production, this won't be OK because the application servers are not internet facing.
So the files in question are generally under /theme/ and /lib/. I can also see in the source code that some JQuery is allowing the http://app.moodle.local URL through.
I'm guessing other people have used a 3 tier architecture to host Moodle, even if not in Windows environment (please don't yell at me). I'm interested to know the success people have had or any considerations that they have had to make to how they handle requests.
Of course the real techies here may need more info, so please ask if there's something else I can provide.
Thanks,
Tom