Your SlideShare is downloading. ×
Drupal Introduction
Why enterprises should consider it
@manishgarg
What will we cover?
• Drupal?
• Architecture
• Top Enterprise concerns
– Security
– Scalability
• Future of Drupal
INTRODUCTION
What?
Content Management System (CMS) …
Yes, but …
Web application framework
PHP, xAMP (Apache, MySQL, PHP) stack
Tools
History
Developer centric Admin Biz centric
Who?
Government Whitehouse.gov, restoreTheGulf.gov, Teach.gov, several
counties
Corporate intranet AOL, Yahoo Research, Ne...
Why?
• Out of the box
• Build & Extend easily
• ThereIsAModuleForThat
• Connect & Collaborate
– Apps
– Community
• Scalabl...
What’s fueling the growth of Drupal
• Licensing
• ~20 distributions of Dupal (intranet, education…)
• Community, Community...
ARCHITECTURE
Architecture
LAMP stack
Core modules
Contributed and developed modules
Theme (template engine)
Database
Custom content type = objects
Custom modules or hooks
Custom blocks / menus
Extend user roles and perms
Theme exi...
Core concepts
• Nodes: Content type or objects
• Hooks: Internal event handling (this is what
we cover here)
• Theming: As...
Hooks
• Basic contract between Drupal
and the different modules
• Sort of like well-known or
contractible function names
m...
SCALABILITY
Scaling
DB
Web Server
File Server
Search
Modular Architecture
• Scale out
• Scale up
Scaling – Scale the web servers
DB
WS2
File Server
Search
Load Balancer
WS1
Scaling + Failover
DB
WS2
File Server
Search
Load
Balancer
WS1
Load
Balancer
Load balancer cluster
Scaling – scale horizontal
DB
WS2
File Server
Search
Load
Balancer
WS1
Load
Balancer
Load balancer cluster
DB
Master slave...
Drupal support other scaling strategies
as well
• Inbuilt support for Multi-tenancy
• Opcode (php acceleration)
• Memcache...
SECURITY
Security
• XSS (Cross site scripting)
• SQL injection
• Files in the FS are protected (.htaccess)
– Files are prevented fr...
OWASP Top 10
Open web application security project
1. Injection
2. XSS
3. Session management
4. Insecure direct object ref...
CURRENT STATE & FUTURE
Current
Over 7,000 Modules
Close to 4,000 committers
10s of millions of websites
Drupal 7
+
Improved search, file system access
and image handling
• InnoDB support
• SQLLite
Getting started
• Get a xMAP stack
• Download Drupal
• Implement a site without writing any code
• Write a new module
Challenges
• Steep learning curve initially
• Potentially a new language to learn
• A whole new world and architecture
Drupal Introduction - Why enterprises should use it
Upcoming SlideShare
Loading in...5
×

Drupal Introduction - Why enterprises should use it

4,651

Published on

High level primer for Drupal and why should enterprises consider it.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
4,651
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • What is a CMS?
    Collaborative environment for content management through a set of process and procedures. The content can be anything from documents to videos to scientific data.
  • Portable php passord protection
  • Transcript of "Drupal Introduction - Why enterprises should use it"

    1. 1. Drupal Introduction Why enterprises should consider it @manishgarg
    2. 2. What will we cover? • Drupal? • Architecture • Top Enterprise concerns – Security – Scalability • Future of Drupal
    3. 3. INTRODUCTION
    4. 4. What? Content Management System (CMS) … Yes, but … Web application framework PHP, xAMP (Apache, MySQL, PHP) stack Tools
    5. 5. History Developer centric Admin Biz centric
    6. 6. Who? Government Whitehouse.gov, restoreTheGulf.gov, Teach.gov, several counties Corporate intranet AOL, Yahoo Research, NetApp, Intuit … Art, music, multimedia MTV UK, Sony music, Warner Brothers, Vocalo.org Social networking sites GoingOn.com, Jewcy, DrupalSN, madeloud.com E-commerce ticketcake.com, …
    7. 7. Why? • Out of the box • Build & Extend easily • ThereIsAModuleForThat • Connect & Collaborate – Apps – Community • Scalable & Secured • FREE!!
    8. 8. What’s fueling the growth of Drupal • Licensing • ~20 distributions of Dupal (intranet, education…) • Community, Community, Community Events and Meetups Chat (IRC) Planet Drupal Community Spotlight Forums Mailing lists Commercial support
    9. 9. ARCHITECTURE
    10. 10. Architecture LAMP stack Core modules Contributed and developed modules Theme (template engine)
    11. 11. Database Custom content type = objects Custom modules or hooks Custom blocks / menus Extend user roles and perms Theme existing one or create new
    12. 12. Core concepts • Nodes: Content type or objects • Hooks: Internal event handling (this is what we cover here) • Theming: Assembling the web page • Views: UI driven query engine for reports, lists, etc.
    13. 13. Hooks • Basic contract between Drupal and the different modules • Sort of like well-known or contractible function names myModule_menu(…) myModule_formAlter(…) Module 1. Defines 2. Calls
    14. 14. SCALABILITY
    15. 15. Scaling DB Web Server File Server Search Modular Architecture • Scale out • Scale up
    16. 16. Scaling – Scale the web servers DB WS2 File Server Search Load Balancer WS1
    17. 17. Scaling + Failover DB WS2 File Server Search Load Balancer WS1 Load Balancer Load balancer cluster
    18. 18. Scaling – scale horizontal DB WS2 File Server Search Load Balancer WS1 Load Balancer Load balancer cluster DB Master slave DB Cluster
    19. 19. Drupal support other scaling strategies as well • Inbuilt support for Multi-tenancy • Opcode (php acceleration) • Memcached • CSS aggregation • Compress, minify and cache JS & CSS • CDN (Content delivery network) • Resin = 6*php • CODE REUSE – Modular architecture
    20. 20. SECURITY
    21. 21. Security • XSS (Cross site scripting) • SQL injection • Files in the FS are protected (.htaccess) – Files are prevented from execution • CSRF (Cross-site Request Forgery)
    22. 22. OWASP Top 10 Open web application security project 1. Injection 2. XSS 3. Session management 4. Insecure direct object reference 5. CSRF 6. Security Misconfiguration 7. Failure to restrict URL Access 8. Unvalidated redirects and forwards 9. Insecure cryptographic storage 10. Insufficient Transport Layer Protection http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
    23. 23. CURRENT STATE & FUTURE
    24. 24. Current Over 7,000 Modules Close to 4,000 committers 10s of millions of websites
    25. 25. Drupal 7 + Improved search, file system access and image handling • InnoDB support • SQLLite
    26. 26. Getting started • Get a xMAP stack • Download Drupal • Implement a site without writing any code • Write a new module
    27. 27. Challenges • Steep learning curve initially • Potentially a new language to learn • A whole new world and architecture

    ×