Design Ideas

1. I need an intranet ecosystem to access all my resources through an nginx. I don't care about the internal implementation details, so I need an nginx server to load all the services
2. There are too many servers, I don't want to log in by recording IPs one by one, then I need a springboard to record my server, I only need to remember the address of the springboard to log in to all servers
3. I don't want ip access in the intranet, I want to use a domain name, so I need a dns server to resolve the intranet domain name
4. If you want to do some expansion for the router, you need a soft path to enhance it
5. Because I still want to access some of my services through the public network later, for security reasons, the principle of minimum availability needs to be exposed, and a security control needs to be done at key nodes: nginx and springboard

implementation

Middleware Platform

Build mainstream middleware services on the market, such as nacos, es, gitlab, application monitoring services, service monitoring, etc., to monitor my hardware and software.

Increase application service availability by deploying clusters

Through some script page operations, etc., simplify the configuration cost caused by server restart

Application Server

Application services are indispensable in the deployment ecosystem, so I need to deploy my application through the application server, such as single sign-on, blog, some data management and other platforms need to simplify the operation through the application.
The application server should be dedicated to the intranet and cannot be directly accessed from the external network.If you need to provide services on the external network, you should specify the jump to the gateway through nginx. The gateway should be exposed to the outside world, and no application should be accessed by the public network.

Database & File Server

Some mainstream database servers can manage my resources efficiently.A file server keeps my files organized.After all, cloud resources are more expensive.
These servers are very private resources, so these servers should be the same as application servers, not allowing external direct access.If there is an access requirement, it should be accessed through nginx and a gateway.
Because the data is relatively private, this piece must be verified at the gateway layer by layer. It is not allowed to access resources at will to avoid leakage of sensitive data

Mail Server

Through the mail server and some open platforms, I can do some subscription notification services, so that I can passively receive some status of the application and server, instead of waiting for me to get it after I remember it.

Summary

The intranet virtualization platform is not just a set of solutions. I think it brings me the most improvement to myself. By learning these, I can broaden my thinking.
After building a set of virtualization platform, if you want to incubate some applications in the future, you can do it through the intranet virtualization platform.
The importance of data is incomparable, and it is a foolish act to go to the public Internet until it is completely secure.My own computer can’t work 7*24 hours, and the incubation work is extremely difficult. A virtualized platform can allow my applications to pass the test of time, and through layer-by-layer assessment, the hatched content will be more robust.