Joomla! Scalable Enterprise Deployments with AWS
-
Upload
jim-dolinski -
Category
Technology
-
view
694 -
download
3
Transcript of Joomla! Scalable Enterprise Deployments with AWS
Joomla! Scalable Enterprise Deployments
with AWSJim Dolinski9/23/2017
$whoami• Team Lead and Application Architect
• AWS Enthusiast and Security Addict
• Open Source Aficionado
• Official Joomla Contributor!
github.com/jdolinski
@jimdolinski
linkedin.com/jimdolinski
Company background…IT support for City of Omaha and Douglas County, NE
Hosting & Supporting 100+ Joomla Websites
2016 & 2017 AWS City on Cloud Finalist
Agenda• “X”aaS
• Intro to Amazon Web Services
• Infrastructure & Configuration Management
• Monitoring & Performance
• Governance & Compliance
• Resource Optimization
“X”aaS
“as a Service”We are in a marketing acronym hell
• IaaS
• PaaS
• SaaS
• DBaaS
• DaaS
• SECaaS
• FaaS
• Plus many moreCost & Complexity
Mai
ntai
nabi
lity
IaaS
On Premise Data Center
PaaS
SaaS
Our Family Tradition
Pizza Chicago Style
Made at Home
Take and Bake
Pizza Delivered
Dining Out
Cloud Architecture “as a Service” 12 Factors
I. Codebase
One codebase tracked in revision control, many deploys
II. Dependencies
Explicitly declare and isolate dependencies
III. Config
Store config in the environment
IV. Backing services
Treat backing services as attached resources
V. Build, release, run
Strictly separate build and run stages
VI. Processes
Execute the app as one or more stateless processes
VII. Port binding
Export services via port binding
VIII. Concurrency
Scale out via the process model
IX. Disposability
Maximize robustness with fast startup and graceful shutdown
X. Dev/prod parity
Keep development, staging, and production as similar as possible
XI. Logs
Treat logs as event streams
XII. Admin processes
Run admin/management tasks as one-off processes
https://12factor.net/
Amazon Web Services
Let’s Get Started?
AWSim City• Amazon = Planet
• AWS Account = State
• Availability Zone = County
• VPC = City
• Routes = Roads
• VPC Peering = Freeways between Cities
• VPG = Your Corporate Data Center on Earth
• Route 53 DNS = Phone Numbers
• Regions = Countries
• Internet = Interstate
• Internet Gateway = Interstate off ramp
• NAT Gateway = Highway on Ramp
• Subnets = Postal Codes
• Private Subnet = No Highway Access
• Public Subnet = Highway Access
• Network ACLs = Gated Communities
• ELB = Overpass signs to route traffic
• Address = IPs
• Servers/Services = Buildings
• Security Groups = Police
• Traffic = Cars
• AMI = Photographer’s Image
• Cloud Formation = Civil Engineer/Constructor
AWSim City
Represents a single Availability Zone
Architectural Design Patterns
1. Lift & Shift (AMI)2. AMI Builder (Clustered AMI)3. NAS (Network Attached Storage)4. Multi Region and AZ Deployments
It depends on your requirements…
Lift & Shift PatternPros
• Quick & Easy
Cons
• Single Point of Failure
• Tight Coupling
• Not Cohesive
AMI/EBS Builder PatternPros
• Good Performance
• Can be clustered in multiple AZs and Regions
Cons
• Create AMI for every Joomla or extension upgrade
• AMI Maintenance increases with more websites sharing same server
• Storage is not elastic
EFS PatternPros
• Joomla & Extension upgrades simple
• Storage is elastic
• AZ’s share same storage
Cons
• Slower than attached block storage
• EFS can not be mounted across regions
Multi AZ PatternPros
• Redundancy within same region
• Joomla updates simple on EFS
Cons
• Joomla updates on EBS
Multi AZ is recommended at a minimum
Multi AZ & Region PatternPros
• Scalable and highly available architecture
• active/passive or active/active failover
• Latency based routing
• Privacy laws governing data
Cons
• Technically Complex
• More Costs
• Requires mid/advanced knowledge of more services
Design for failure and automate everything
It’s not “if” but “when”, and it will occur while you are on vacation!
}Maximize Flexibility Minimize Maintenance & Costs
Prefer “Managed Services”
over “Service Installs”
Global Infrastructure
https://aws.amazon.com/products/management/
+
Resource Provisioning• Infrastructure as Code
• AWS CloudFormation
https://aws.amazon.com/marketplace/pp/B06XSVFFK9
https://cloud.intuz.com/applications/joomlacf/aws/joomla
• Terraform
DevOps Configuration Management
• Infrastructure as Code
• OS Hardening
• Software installs
• Practice Immutability
• AWS OpsWorks
• Chef
https://martinfowler.com/bliki/ImmutableServer.html
“By frequently destroying and rebuilding servers from the base image, 100% of the server's elements are reset to a known state, without spending a ridiculous amount of time specifying and maintaining detailed configuration specifications.” - Martin Fowler
Enterprise Joomla! Architecture
Service Installs
Enterprise Joomla! Architecture
Managed Services
DevOps Configuration Management
Continuous Integration (CI) is a development practice that requires developers to integrate code into a shared repository several times a day. Each check-in is then verified by an automated build, allowing teams to detect problems early.
https://www.thoughtworks.com/continuous-integration
Monitoring & Performance• AWS CloudWatch
• PagerDuty
• StatusCast
• Failover
• Active/Active
• Active/Passive
Monitoring & Performance• Benchmark First
• Google PageSpeed, YSlow, Pingdom, JMeter, etc
• Don’t forget geo testing
• Apply 1 Change
• AWS CloudFront, AWS Elasticache
• Minification, Browser Caching, Image Optimization, etc
• Repeat
Key Plugins
Regular Labs Cache Cleaner
+
https://www.regularlabs.com/extensions/cachecleaner
JCH Optimize Pro
+https://www.jch-optimize.net/
Major Features • Combine and gzip CSS and javascript files respectively • Minify combined files and HTML • Combine select background images into a sprite • CDN Support Pro version only • Lazy-load images Pro version only • Optimize CSS Delivery Pro version only • Optimize Images Pro version only
Are we down?Know before your customers!
“Communication will build trust and confidence”
+https://www.pagerduty.com/docs/guides/aws-cloudwatch-integration-guide/
Governance & Compliance• Security
• AWS ElasticSearch
• AWS CloudTrail
• Defense in Depth
Practice Defense in Depth
• Firewalls are core
• https everything
• Google Webmaster Tools
• Implement Intrusion Detection
• Routinely Audit & Patch your Joomla Sites
• Logs and retention are crucial
Defense in Depth
Key Tools
RSFirewall
https://www.rsjoomla.com/video-tutorials/rsfirewall.html
MyJoomla Audit
Gain Control of your Logs!
Who updated this site?
+
Can we reduce patch time?
AWS Systems Manager
+
Resource Optimization• Performance Optimizations
• CDN, Cache, Geo Load Balancing, and more
• Cost Optimizations
• Autoscaling
• AWS Tagging
• AWS Trusted Advisor
• AWS Organizations + Multiple Accounts
What percentage of your servers today are idle?
Can we reduce costs?
+
https://aws.amazon.com/products/management/
+
Remember “ability” Factors• Repeatability, Availability, Scalability, Auditability, Flexibility, Usability
• Monitor, Monitor, & Monitor
• ADA and user’s with disabilities
• Use a Version Control System
• Dashboards work great, but you have to look at them!
• Try to Automate Everything
• Scale traffic to demands
• Automate Patching
• Blue/Green Deployments Can Reduce your Risk
What are we working on?• Joomla GIT Plugin to push to a remote repo
• Docker & Joomla
How Can I Get Started?• AWS CloudFormation
• AWS Beanstalk
• Sign Up and Get a Free Account
• Tons of resources on AWS
• Cost Calculator
• https://calculator.s3.amazonaws.com/index.html
Thanks