How to Build a Cloud Native Platform
for Enterprise Drupal Applications
Pavan Keshavamurthy, Head of Enterprise Architecture, DevOps & Cloud Practice
Girish Kumar, Senior Cloud/Infrastructure Architect
#SrijanWW | @srijan
Introductions
Pavan K leads Srijan's Enterprise Architecture, Cloud & DevOps Practice.
His charter within Srijan is to engage customers and teams in a
consulting/advisory role, particularly around areas concerning platform
building & microservices architectures.
Girish is a Sr Cloud / Infra Architect with 10+ years of experience. He has
had prior stints as an Infrastructure / DevOps Engineer at FiberLink (IBM), SAP
and several startups before joining Srijan.
At Srijan he leads multiple projects with a focus around cloud engineering
for various classes of workloads.
Enterprise Architecture
● Platform Engineering
● Cloud Engineering
● API Management
● Microservices
● Agile & DevOps
SRIJAN is a full lifecycle digital engineering firm.
We specialize in enterprise product & platform
innovation, fuelled primarily on open source & cloud
technologies.
Our customers say we run software delivery like a
hospitality business.
Digital Engagement
● Enterprise Content
Management
● Portals
● Front-end engineering
Data Science
● Analytics
● Machine Learning
● Data Engineering
● Chatbots
➔ 15+ years of profitable growth
➔ 10+ Multi-year enterprise customers
➔ Global consulting & delivery: HQ’d in
India with operations across America,
EMEA, APAC
➔ 300+ Headcount
➔ Thriving culture of Agility, Engg & Open
Source Contributions
About this session
This session is relevant for you if
you are:
● An IT / Business stakeholder
responsible for the development and
operations of Drupal projects
● An infrastructure or cloud engineer
curious to gain a worldview around
running Drupal on the cloud
● A Drupal developer / application
engineer who loves to dabble with
things on the ops side.
● A Drupal Company / Managed Services
Org that builds (OR) maintains a number
of Drupal sites
What you will learn during this session:
● Gotchas around “running” Drupal
○ By yourself vs NOT
○ When to & when NOT to
● Def:
○ “Platform”
○ “Cloud Native”
● LAMP stack Gotchas
○ On Docker Containers
○ Kubernetes (a full refresher)
● How to build and run your own
Before we go ahead: A Quick recap on Drupal
● Formerly a Content Management System
○ With D8 - Evolved to a Symfony-esque “Content
Management Framework”
● Amongst the most popular OSS projects in the world:
Active community of 100K+ contributors with a plugin
ecosystem of 40K+
● Powers a whole range of web applications in diverse
domains: Gov, Media/Entertainment, Education,
Publishing, Non-profits, Consumer Internet, up to high
tech
● Mature ecosystem of service providers: Single-person
studios to SIs with whole units focussed on Drupal
development
Powering in excess of 1M sites.
> 2% of websites on the entire
internet
..and Docker & Kubernetes
● Docker: De-facto standard for containers. Tiny footprint
vis-a-vis conventional VMs. Shared kernel and
separated user space
● Kubernetes: De-facto standard for container
orchestration (born at Google)
○ Containers need management = distributed
systems problem
○ Manage lifecycle of containers, distribution,
scheduling, command & control, etc
● Together: de-facto standard for cloud abstraction.
Ability to run on any cloud without binding to IaaS
primitives
Running Drupal
Source: Drupal running on RPi,
https://blog.adafruit.com/2015/06/12/introducing-the-dramble-raspberry-pi-2-cluster-running-drupal-8-piday-raspberrypi-raspberry_pi/
PaaS: Aka you build
it, they run it
Public Cloud IaaS:
You build it;
you also run it
Run it on your own infra: (aka eating your own
dogfood)
Hosting Options: Comparison
PaaS
Platform ability to provision and spawn
environments. Your teams concentrate on
building and not running
Scalability concerns are a platform issue
Security is a joint responsibility model (platform
security is PaaS responsibility, Application
Security is your responsibility)
PaaS gives you basic lifecycle management
tooling: Building and deploying is via UI or
higher level APIs
PaaS gives you run tooling: monitoring, DR,
support (along with SLAs: 99.xxx)
Usually restrictive on what you can run:
Constraints plus lock in
$$. Expensive. IaaS + nX.
IaaS
You're responsible for both building and running
Scaling up and scaling out are your problems
Security is a joint responsibility with IaaS (You're also
responsible for "security in the cloud" alongside
application security)
Build your own
You're all on your own
Run whatever you want (aka control on own destiny)
Just IaaS. Very significant cost savings at scale
There’s a third option
Build your own platform *.
*
➔ If you have a business case: ex, high
volume application, high traffic, polyglot
architecture etc
➔ In general, you have control or cost
requirements that merit building one
➔ If you already have a sizable investment in
public/private cloud and have an ops team
(even if for security governance &
compliance only) with capacity available
Cloud Platforms
Platform: What must one do?
A wishlist
1. Provide a layer of
abstraction above IaaS
2. Ecosystem: Deliver
agile, efficient and
effective experiences for
a. Developers
b. Operators
3. Handle cross cutting
concerns
4. Scale
5. Secure
Cloud Native
Cloud Native is a foundational & prescriptive
methodology towards designing and building
applications that are meant to run in the cloud.
Strongly internalises Agile, DevOps and modern,
resilient software architectures like
microservices
Cloud Native and Drupal: An aspirational model
➔ Drupal ideally as a containerized stack
➔ Running on LAMP/LEMP, well governed base images (host OS provisioning, container
golden images)
➔ Developers have idiomatic experience: Can build high fidelity local environments easily
➔ Minimal or No Ops: CI/CD systems do the hard work
➔ Distributed / Bucket Filesystem. Docroot is ideally immutable and read-only
➔ Public / Private Files Externalized (such as S3 or abstracted from block device - S3
fuse fs)
➔ Take advantage of PaaS services: For Databases, Cache Stores, Load Balancers,
Queues, Gateways, etc.
➔ Run on any cloud (or lift & shift with minimal overhead)
➔ Scale up, Scale out and Scale down
➔ An operational model: provisioning new applications, routing, monitoring, releases,
deployment
Drupal Platforming Concerns
● Logical Architecture
● Stack Topology: Physical & Security Architecture
● Local Development
● Dev & Build Tools
● CI & Delivery Pipeline
● Monitoring & Management
Part A: The first thing: LAMP Stack architecture
A typical LAMP stack
application architecture.
Docker provides the
additional benefit of a host
agnostic runtime and a way to
govern autonomous local
development.
High fidelity environments.
Aka what you build is what
you deploy.
A second step: Deeper dive into LA|E|MP
concurrency model
Apache Concurrency Model options
Nginx: Typical PHP runtime model
Summary
- Alignment of the right concurrency model is critical to scale
- Apache prefork for example is the easiest setup, but is notorious for resource
leakage
- HA setup is part art, part science, and often involves multiple pieces: Reverse Proxies, Reverse
Proxy Load Balancers, Process model (processes vs threads), Networking
(TCP/IP vs Unix Socket).
- KPIs: Process size in compute, I/O, network terms. Exploratory analysis with load
patterns will help you benchmark and test frontiers of stress
- Build observability into the system to ensure your application / platform is properly
instrumented and debuggable for underlying platform issues, so you deal with problems
empirically
Part B: Physical / Virt Layer (Example: AWS)
Part B: Physical / Virt Layer (Example: Azure)
Part B: Summary
- Network & Secure Virt/Physical Architecture is a key foundational step
- Size and design your network
- For Availability
- Subnets by function (and access as such)
- Secure your network
- Almost all IaaS providers support some form of IaC and templating systems: CloudFormation,
ARM, Terraform etc.
- Consider a shared services network peered for concerns including monitoring /
telemetry / deployments and more
- For modern API applications with decoupled front-ends, strongly consider an ingress
service (such as an API gateway) for handling various cross cutting concerns
Part C: Developer Workflow: Local Development /
Build Tools
Part C: Summary (constituents of idiomatic
developer experience)
➔ Utilities to setup your environment: including (anonymized) databases. Time To First
Line of Code is the best heuristic of developer experience
➔ Galaxy of static code analysis tooling: Sonarqube, PHPMD, PHPCS, TaintPHP;
Eliminate garbage.
➔ IDE or Editor experience: Importantly, with debugging tooling (xdebug)
➔ Package management tooling: Composer, drush etc
➔ Drush: Important! (Drush aliases for your local environment)
➔ Check -> build -> test -> push idiom
➔ Your CI implements your local build idiom thus providing parity between what
happens locally and what happens remotely
Part D: CI / CD pipelines: Spinnaker
Deployment Models
Part D: Summary (CI/CD)
➔ Adopt (preferably) a GitOps style model: VCS as the single source of truth
➔ CI/CD in the context of Kubernetes. Artefacts are
◆ K8S Object Manifests (deployments, helm charts)
◆ Containers (in a registry)
➔ Separate build / bake / deploy
➔ Separate build and run (prod - non prod)
➔ You should be able to declaratively implement deployment strategies (aka, don’t engineer this
yourself - use Spinnaker, if you can)
➔ Spinnaker is not a replacement for your task runner / automation tooling: Can be complementary
to Jenkins (in fact, leverages Jenkins for builds as a proxy), GitLab CI or others
➔ Mitigate risks: Have a responsible development process, but also the ability to roll back (hard, with
databases), roll forward and hotfix. Have SOPs in place including a DR strategy
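A CI gate in the spirit of the "Check -> build -> test -> push" idiom and the "Cloud Native and Drupal" aspirational model above, as an added example that is not from the original slides: it checks a Kubernetes Deployment manifest for governed images, a read-only docroot and externalized files. The manifest, registry host, file path and the reading of "golden images" as digest-pinned images are assumptions made for this example.

```python
import copy
import json

# Constructed sample: a Deployment manifest in JSON form (kubectl accepts JSON
# as well as YAML). All names, the registry host and the paths are hypothetical.
SAMPLE_MANIFEST = json.loads("""
{
  "apiVersion": "apps/v1",
  "kind": "Deployment",
  "metadata": {"name": "drupal-web"},
  "spec": {
    "template": {
      "spec": {
        "containers": [
          {
            "name": "php-fpm",
            "image": "registry.example.com/platform/drupal:latest",
            "securityContext": {"readOnlyRootFilesystem": false},
            "volumeMounts": [{"name": "tmp", "mountPath": "/tmp"}]
          }
        ],
        "volumes": [{"name": "tmp", "emptyDir": {}}]
      }
    }
  }
}
""")

# Assumed location of Drupal's public files inside the container.
FILES_PATH = "/var/www/html/web/sites/default/files"


def check_deployment(manifest, files_path=FILES_PATH):
    """Return a sorted list of findings; an empty list means the manifest passes."""
    findings = []
    pod = manifest.get("spec", {}).get("template", {}).get("spec", {})
    volumes = {v.get("name"): v for v in pod.get("volumes", [])}

    for c in pod.get("containers", []):
        name = c.get("name", "<unnamed>")

        # Governed base images: a mutable tag can change under you, a digest cannot.
        if "@sha256:" not in c.get("image", ""):
            findings.append(f"{name}: image is not pinned by digest")

        # Immutable docroot: code shipped in the image must not be writable at runtime.
        sc = c.get("securityContext") or {}
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append(f"{name}: root filesystem is writable")

        # Externalized files: uploads must live on a volume that outlives the pod
        # and is not tied to one node.
        mounts = {m.get("mountPath"): m.get("name") for m in c.get("volumeMounts", [])}
        vol_name = mounts.get(files_path)
        vol = volumes.get(vol_name) if vol_name else None
        if vol is None:
            findings.append(f"{name}: {files_path} is not a mounted volume")
        elif "hostPath" in vol or "emptyDir" in vol:
            findings.append(f"{name}: {files_path} is on node-local storage")

    return sorted(findings)


def hardened_copy(manifest):
    """Return a corrected copy of the constructed sample; the input is not modified."""
    m = copy.deepcopy(manifest)
    pod = m["spec"]["template"]["spec"]
    c = pod["containers"][0]
    # Placeholder digest (64 zeros), constructed for the example.
    c["image"] = "registry.example.com/platform/drupal@sha256:" + "0" * 64
    c["securityContext"]["readOnlyRootFilesystem"] = True
    c["volumeMounts"].append({"name": "public-files", "mountPath": FILES_PATH})
    pod["volumes"].append({
        "name": "public-files",
        # Hypothetical claim backed by shared or bucket-style storage.
        "persistentVolumeClaim": {"claimName": "drupal-public-files"},
    })
    return m


if __name__ == "__main__":
    for label, m in (("as submitted", SAMPLE_MANIFEST),
                     ("hardened", hardened_copy(SAMPLE_MANIFEST))):
        print(label, check_deployment(m) or "OK")
```

Run as a pipeline step, a non-empty findings list fails the build before the manifest reaches the deploy stage.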
Part E: Monitoring
Part E: Summary (Monitoring)
➔ Instrument your applications: Log stream telemetry. Without this, you’ll be on YOLO mode.
➔ You’ll need some form of a monitoring agent to collect log telemetry for analysis. If you can afford it, a
paid service is great: ex, NewRelic, Nagios etc. Better still, your cloud provider already provides a managed
service that can be leveraged with APIs (ex: CloudWatch, OMS etc)
➔ A network level monitor, ingress/service mesh/api gateway is a huge plus, particularly in cases where
Drupal is part of a constellation of microservices
➔ Otherwise, a standard ELK|EFK stack is useful.
➔ Cluster / Infra KPIs with Kubernetes are a breeze. Prometheus, Grafana, Sysdig, InfluxDB are standard
tooling. cAdvisor, Heapster provide advanced container level telemetry. Most of this tooling can be
deployed as services (which watch API server) OR DaemonSets (watch nodes directly)
➔ Prometheus provides an excellent AlertManager; Sysdig provides advanced tooling like behavioural
analysis (Falco)
➔ Overall galaxy of monitoring tooling is vast. Awareness of key risks, KPIs and a strong operational model
(tailored for your needs) is necessary. This intersects people & process concerns as well
<DEMO>
</>
Questions?
(Srijan also provides consulting,
advisory and implementation
services for Drupal and other
platforming concerns)
Contact Us
Know More
www.srijan.net
business@srijan.net

[Srijan Wednesday Webinars] How to Build a Cloud Native Platform for Enterprise Drupal Applications
