Web server upgrade coming soon

CellarTracker Main Site

Web server upgrade coming soon

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> [Cellar Talk] >> Release Notes >> Web server upgrade coming soon

Page: [1]

Message

<< Older Topic Newer Topic >>

Web server upgrade coming soon - 5/9/2014 5:47:52 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

Hopefully this will be entirely transparent. Soon we plan to deploy a second web server along with a load balancer. This will allow us to swap web servers in and out and do maintenance without inconveniencing anyone. I am posting here to in fact test the new web server. Assuming we do our job well, no one will be able to tell the difference. That said, the anti-scraping service will work a bit differently in the new environment. And the underlying version of Windows and IIS is upgraded enough, there is always the chance that we might break something.

We will post back here when the new server is online. Hopefully that should happen in the next few days.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

Post #: 1

RE: Web server upgrade coming soon - 5/12/2014 10:47:14 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

OK, we just flipped the switch. All of the traffic is running on a new web server.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 2

RE: Web server upgrade coming soon - 5/13/2014 12:44:43 AM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

Please do let us know if you see any hiccups or SSL issues. Things are looking good on our end.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 3

RE: Web server upgrade coming soon - 5/13/2014 10:58:25 AM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

We do have a few users who seem to be having SSL cert issues.
For some reason date parsing for English (Canadian) users seems to be reversing month and day.

We are digging in and will provide updates as we have them.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 4

RE: Web server upgrade coming soon - 5/13/2014 4:07:28 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

We did resolve an issue with our SSL certificate on our static content site that was preventing some users in some browsers from seeing stylesheets.
The Canadian date format thing was pretty crazy. Windows has made a huge change to the default date format in Server 2012 versus Windows Server 2008. We changed our datepicker format to respect that.
At this point we know of one user in IE11 who seems to be seeing an SSL issue, although all of the tools we are running suggest that our certificate chain is correctly deployed.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 5

RE: Web server upgrade coming soon - 5/14/2014 2:26:54 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

So in the end we have had three separate IE users who were not able to login. We had disabled SSL 2 and SSL 3 (in favor of TLS 1.0, TLS 1.1, and TLS 1.2), which should have been fine for all post-IE6 browsers. However it seems like a lot of IE users have (very strangely) disabled TLS. We did just re-enable SSL 3, and 2 of the 3 users who had issues can now connect. We are still waiting to hear from the third user, but we strongly suspect the problem is fixed.

At this point there are no known issues in the new environment. We will be doing some work on our SSL/TLS to disable some weaker cipher suites, and this should have zero impact on anyone using a browser from this decade. We have also just turned on the newer version of the anti-scraping service we use. Hopefully this should not block legitimate user traffic, but if you find yourself being blocked or submitted to excessive CAPTCHA's please let us know. (We have been using another version of this anti-scraping service for 3 years.)

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 6

RE: Web server upgrade coming soon - 5/14/2014 4:13:59 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

The third IE user got back to us, and our changes fixed IE for him as well.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 7

RE: Web server upgrade coming soon - 5/17/2014 11:44:57 AM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

We have done a bit more tweaking to tighten up the SSL ciphers we use in favor of those that are deemed most secure and best practice. We don't think this should break anything, and now we get a straight A on each of our domains from the Qualys website.

We have also shaken some kinks out of the new anti-scraping implementation.

At this point, things seem to have settled down, but please do let us know if you see any issues.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 8

RE: Web server upgrade coming soon - 5/18/2014 2:15:49 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

OK, we had some issues with the anti-scraping tools. Those have been sorted out, but I suspect some users will see more captcha's and other sanctions than are ideal. We will be working on tuning that over the next day.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 9

RE: Web server upgrade coming soon - 5/19/2014 7:20:22 AM

que syrah syrah

Posts: 659
Joined: 12/16/2010
From: Northern Virginia
Status: offline

Hi Eric - Just an FYI. I haven't been on the forum since Saturday so was just going through the various threads and received the captcha verification screen. I was probably on the tenth topic reading and perusing when it popped up. No harm and easy to get around, just letting you know. I was also on the main site earlier, changing a number of private consumption notes to consolidate similar comments, had seven or eight windows open and received the captcha verification there as well. Wasn't too surprised then as I was going through them pretty quickly with quite a few windows open. Again, just an FYI.

Again, thanks to you and the boys for all your efforts and hard work for our benefit.

(in reply to Eric)

Post #: 10

RE: Web server upgrade coming soon - 5/19/2014 7:46:27 AM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

Thank you for your patience. We have made some adjustments to the CAPTCHA filling rules that will hopefully soften things a bit.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to que syrah syrah)

Post #: 11

RE: Web server upgrade coming soon - 5/19/2014 5:16:04 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

And today we have made a lot more progress on dialing things in. We are still reviewing the logs closely, but we are a lot closer to where we want things to be at this point.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 12

RE: Web server upgrade coming soon - 5/20/2014 1:30:23 PM

petitblanc

Posts: 1978
Joined: 2/20/2007
From: Madison, WI
Status: offline

FYI today was the first day I encountered the anti-bot security screens, and I've been seeing them quite often throughout the day. Using Chrome browser.

...edit... An additional data point: I tend to access CT on an off throughout the day, alternating between Chrome (desktop) and Android (phone). Security screens have all been in Chrome.

< Message edited by petitblanc -- 5/20/2014 1:57:59 PM >

_____________________________

Tom

(in reply to Eric)

Post #: 13

RE: Web server upgrade coming soon - 5/20/2014 1:56:05 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

Have you been seeing them in the main site or just the forum?

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to petitblanc)

Post #: 14

RE: Web server upgrade coming soon - 5/20/2014 2:01:54 PM

petitblanc

Posts: 1978
Joined: 2/20/2007
From: Madison, WI
Status: offline

quote:

ORIGINAL: Eric

Have you been seeing them in the main site or just the forum?

Definitely the forum (happened just now, this time on my Android phone, disregard my edit above). Sorry I'm not sure about the main site.

_____________________________

Tom

(in reply to Eric)

Post #: 15

RE: Web server upgrade coming soon - 5/20/2014 2:05:34 PM

petitblanc

Posts: 1978
Joined: 2/20/2007
From: Madison, WI
Status: offline

Okay. Just happened on main site (this time using Chrome).

< Message edited by petitblanc -- 5/20/2014 2:06:01 PM >

_____________________________

Tom

(in reply to petitblanc)

Post #: 16

RE: Web server upgrade coming soon - 5/20/2014 2:24:31 PM

dpolivy

Posts: 1787
Joined: 4/20/2012
Status: offline

I am looking into it -- will let you know what we find.

(in reply to petitblanc)

Post #: 17

RE: Web server upgrade coming soon - 5/20/2014 2:32:41 PM

petitblanc

Posts: 1978
Joined: 2/20/2007
From: Madison, WI
Status: offline

No big problem, just thought you might want the info. Thanks.

_____________________________

Tom

(in reply to dpolivy)

Post #: 18

RE: Web server upgrade coming soon - 5/21/2014 12:21:43 PM

petitblanc

Posts: 1978
Joined: 2/20/2007
From: Madison, WI
Status: offline

FYI no issues today at all.

_____________________________

Tom

(in reply to petitblanc)

Post #: 19

RE: Web server upgrade coming soon - 9/3/2014 3:01:16 PM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

OK, we have finally rebuilt our original web server, and today we brought in back inline alongside our other server. So for the very first time, we are running a load-balanced pair of web servers. It was terrific, as we were able to take one offline seamlessly, apply some Windows Updates, and upgrade some other software, all without missing a beat.

Please do let us know if you see anything weird, but from our end this is looking great right now.

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to petitblanc)

Post #: 20

RE: Web server upgrade coming soon - 9/11/2014 1:55:55 AM

Eric

Posts: 17326
Joined: 10/10/2003
From: Seattle, WA
Status: offline

Ahh, living the dream!!!

This month, for the first time, I was able to apply the big pile of monthly critical updates from Microsoft on each of the web servers. Thanks to our load balancers, I was able to swap each machine and out of the mix for 100% uptime even as I had to reboot each.

So far we have not seen any glitches, and the performance with two web servers seems a little snappier. However, the main reason we have done this is to facilitate easier maintenance without any downtime. Mission accomplished at last! (This was a year long project.)

_____________________________

Cheers!
-Eric LeVine

http://twitter.com/cellartracker
http://facebook.com/cellartracker

(in reply to Eric)

Post #: 21