2. $whoami
• Team Lead and Application Architect
• AWS Enthusiast and Security Addict
• Open Source Aficionado
• Official Joomla Contributor!
github.com/jdolinski
@jimdolinski
linkedin.com/jimdolinski
3. Company background…
IT support for City of Omaha and Douglas County, NE
Hosting & Supporting 100+ Joomla Websites
2016 & 2017 AWS City on Cloud Finalist
6. “as a Service”
We are in a marketing acronym hell
• IaaS
• PaaS
• SaaS
• DBaaS
• DaaS
• SECaaS
• FaaS
• Plus many more
Cost & Complexity
Maintainability
IaaS
On Premise Data Center
PaaS
SaaS
12. Cloud Architecture
“as a Service” 12 Factors
I. Codebase
One codebase tracked in revision control, many deploys
II. Dependencies
Explicitly declare and isolate dependencies
III. Config
Store config in the environment
IV. Backing services
Treat backing services as attached resources
V. Build, release, run
Strictly separate build and run stages
VI. Processes
Execute the app as one or more stateless processes
VII. Port binding
Export services via port binding
VIII. Concurrency
Scale out via the process model
IX. Disposability
Maximize robustness with fast startup and graceful
shutdown
X. Dev/prod parity
Keep development, staging, and production as similar
as possible
XI. Logs
Treat logs as event streams
XII. Admin processes
Run admin/management tasks as one-off processes
https://12factor.net/
18. Architectural Design
Patterns
1. Lift & Shift (AMI)
2. AMI Builder (Clustered AMI)
3. NAS (Network Attached Storage)
4. Multi Region and AZ Deployments
It depends on your requirements…
19. Lift & Shift Pattern
Pros
• Quick & Easy
Cons
• Single Point of Failure
• Tight Coupling
• Not Cohesive
20. AMI/EBS Builder Pattern
Pros
• Good Performance
• Can be clustered in
multiple AZs and Regions
Cons
• Create AMI for every
Joomla or extension
upgrade
• AMI Maintenance
increases with more
websites sharing same
server
• Storage is not elastic
21. EFS Pattern
Pros
• Joomla & Extension
upgrades simple
• Storage is elastic
• AZ’s share same storage
Cons
• Slower than attached
block storage
• EFS can not be mounted
across regions
22. Multi AZ Pattern
Pros
• Redundancy within same
region
• Joomla updates simple
on EFS
Cons
• Joomla updates on EBS
Multi AZ is recommended at a minimum
23. Multi AZ & Region Pattern
Pros
• Scalable and highly
available architecture
• active/passive or active/
active failover
• Latency based routing
• Privacy laws governing
data
Cons
• Technically Complex
• More Costs
• Requires mid/advanced
knowledge of more
services
24. Design for failure and
automate everything
It’s not “if” but “when”, and it will occur while you are on
vacation!
}Maximize Flexibility
Minimize Maintenance & Costs
Prefer
“Managed Services”
over
“Service Installs”
28. DevOps Configuration
Management
• Infrastructure as Code
• OS Hardening
• Software installs
• Practice Immutability
• AWS OpsWorks
• Chef
https://martinfowler.com/bliki/ImmutableServer.html
“By frequently destroying and
rebuilding servers from the base
image, 100% of the server's elements
are reset to a known state, without
spending a ridiculous amount of time
specifying and maintaining detailed
configuration specifications.”
- Martin Fowler
31. DevOps Configuration
Management
Continuous Integration (CI)
is a development practice
that requires developers
to integrate code into a
shared repository several
times a day. Each check-in is
then verified by an automated
build, allowing teams to
detect problems early.
https://www.thoughtworks.com/continuous-integration
36. JCH Optimize Pro
+
https://www.jch-optimize.net/
Major Features
• Combine and gzip CSS and javascript files respectively
• Minify combined files and HTML
• Combine select background images into a sprite
• CDN Support Pro version only
• Lazy-load images Pro version only
• Optimize CSS Delivery Pro version only
• Optimize Images Pro version only
37. Are we down?
Know before your customers!
“Communication will build trust and confidence”
+
https://www.pagerduty.com/docs/guides/aws-cloudwatch-integration-guide/
39. Practice Defense in Depth
• Firewalls are core
• https everything
• Google Webmaster Tools
• Implement Intrusion Detection
• Routinely Audit & Patch your Joomla Sites
• Logs and retention are crucial
50. Remember “ability” Factors
• Repeatability, Availability, Scalability, Auditability, Flexibility, Usability
• Monitor, Monitor, & Monitor
• ADA and user’s with disabilities
• Use a Version Control System
• Dashboards work great, but you have to look at them!
• Try to Automate Everything
• Scale traffic to demands
• Automate Patching
• Blue/Green Deployments Can Reduce your Risk
51. What are we working on?
• Joomla GIT Plugin to push to a remote repo
• Docker & Joomla
52. How Can I Get Started?
• AWS CloudFormation
• AWS Beanstalk
• Sign Up and Get a Free Account
• Tons of resources on AWS
• Cost Calculator
• https://calculator.s3.amazonaws.com/index.html