Liferay DEVCON 2023 - What's cooking in Liferay's Cloud?
•Download as PPTX, PDF•
0 likes•20 views
A journey from the Product perspective touching the recent releases made in the platform. The current roadmap and the future vision for the Cloud.
Recommended
Recommended
More Related Content
Similar to Liferay DEVCON 2023 - What's cooking in Liferay's Cloud?
Similar to Liferay DEVCON 2023 - What's cooking in Liferay's Cloud? (20)
More from Thiago Leão Moreira
More from Thiago Leão Moreira (8)
Recently uploaded
Recently uploaded (20)
Liferay DEVCON 2023 - What's cooking in Liferay's Cloud?
- 1. What’s Cooking in Liferay’s Cloud? Recent Releases, Roadmap, and Future Vision Senior Product Manager Platform Services Misael Neto Product Owner Platform Services Thiago Moreira
- 2. Gartner analysts said that more than 85% of organizations will embrace a cloud-first principle by 2025 and will not be able to fully execute on their digital strategies without the use of cloud-native architectures and technologies. 85% Cloud-first by 2025
- 3. 5 key benefits… …even better
- 8. Simple Develop & Release Cycle
- 11. High-availability Web Server Nginx Liferay Experience Cloud Liferay DXP Liferay VPN OpenVPN / IPSec Search Elasticsearch CI Service Jenkins Database MySQL File System NFS Backup NodeJS H A H A 3 2 2
- 12. We simplify the deployment, management and evolution of DXP Customer Shared / Private Cluster - VPC Network - VM ISP Network Internet LCP Registry Docker Hub Antivirus ClamAV IDS Threat Stack HTTP(S) Load Balancer + WAF - GKE Ingress DDoS Protection + CDN - GCP POP Network INFRA Env - Network Group CI Server Jenkins Volumes LCP Config Customer VPN VPN Server Customer Repository Git Server Search Elasticsearc h Liferay DXP Liferay VPN Client OpenVPN / IPsec PRD, UAT, SIT, or DEV Env - Network Group Backups LCP Service Web Server with WAF - Nginx Volumes LCP Config Database LCP Service Adv. Monitoring OneAgent Search Elasticsearc h Liferay DXP Liferay VPN Client OpenVPN / IPsec Backups LCP Service Web Server with WAF - Nginx Volumes LCP Config Database LCP Service DR Env - Network Group Adv. Monitoring OneAgent Monitoring App Dynatrace
- 13. São Paulo Brazil Oregon USA Iowa USA Frankfurt Germany Mumbai India Sydney Australia Montreal Canada Tokyo Japan 13 Cloud Regions N.Virginia USA Osaka Japan Hamina Finland London UK Jurong West Singapore
- 18. Code Git Repo Build DEV UAT PRD Repository Gitlab, Github or Bitbucket Repo CI Service Jenkins
- 20. PRD UA T DE V
- 27. PRD UA T DE V
- 28. Is there support Azure DevOps? In fact, could I bring my own CI/CD? IT Francesco
- 29. Code Git Repo Build Dev UAT PRD Repository Gitlab, Github or Bitbucket Repo CI Service Jenkins External CI Bring your own OR Roadmap - Azure DevOps Support & External CI/CD
- 32. erp WineRay hr WineRay On-premise Servers Liferay Experience Cloud Private Network liferay DXP search Search Engine database Database
- 34. 127.0.0.1: 33528 WineRay 127.0.0.1: 33529 WineRay On-premise Servers Liferay Experience Cloud Private Network liferay:2401 DXP search:4089 Search Engine database:5085 Database
- 35. High-availability Web Server Nginx Liferay Experience Cloud Liferay DXP Liferay VPN OpenVPN / IPSec Search Elasticsearch CI Service Jenkins Database MySQL File System NFS Backup NodeJS H A HA 3 2 2 Authorization Spring Boot Gateway Spring Boot External Service DMZ (SAP, Oracle, WS) Frontend React Application
- 37. Client Extensions 101: Future proofing your DXP Apps. Client Extension Sessions WORKSHOP - Client Extensions Deep Dive Today 14:40 - 15:10 Tomorrow 11:50 - 12:50 Staff Software Engineer Director of Research Development Greg Amerson Iliyan Peychev Staff Software Engineer Pr Software Engineer Greg Amerson Iliyan Peychev
- 38. Easy to Configure & Maintain
- 39. We know data is your most important asset
- 40. So don’t worry, we give you the power to keep data safe
- 45. Restore any backup in time to any environment
- 47. Web Server Nginx Liferay Experience Cloud With resource swap Liferay DXP Service Database Old version File System Old version Backup Service Database Restored File System Restored Search Elasticsearch Offline ✖ Online ✓ Backup in progress… Backup DONE Recent Release - Resource Swap Restore Strategy (only on stack 5.x)
- 48. Leadership can have peace of mind. IT Francesco CEO Sofia Marketing Aurora
- 53. Yeah, customers will call you
- 54. Autoscaling helps me plan my next marketing campaign. Marketing Aurora
- 56. And you pay only for what you use
- 57. And you pay only for what you use
- 58. What if I can’t wait for autoscaling? IT Francesco
- 59. Schedule horizontal scaling of Liferay pods No need to wait for autoscaling process to kick-in. Determine the time window and pods will scale. Roadmap - Scheduled Horizontal Scaling
- 60. Is there a way to provide a better experience during planned maintenance windows? IT Francesco
- 61. Activate/Deactivate maintenance page for planned downtime Activate the maintenance page for domains and use the default URL to access your sites. Roadmap - Scheduled Maintenance Page
- 62. Time window for the maintenance page to appear Determine a start and end date and time and update your sites’ maintenance window Roadmap - Scheduled Maintenance Page
- 63. Maintenance page - static content Set static content to be loaded when a maintenance window is activated. Roadmap - Scheduled Maintenance Page
- 64. Maintenance page - static content Static content configured through the Cloud Console to be loaded when a maintenance window is activated. Roadmap - Scheduled Maintenance Page
- 66. { "id": "myservice", "image": "liferaycloud/example", "env": { "DB_USER": "root", "DB_PASSWORD": "pass123" }, "loadBalancer": { "cdn": true, "targetPort": 3000, "customDomains": ["example.com"], "ssl": { "key": "...", "crt": "..." }
- 68. { "id": "liferay", "cpu": 8, "memory": 8192, "dependencies": ["database", “search”], "env": { "LCP_LIFERAY_CLUSTER_ENABLED": true } }
- 69. "ports": [ { "port": 8080, "targetPort": 8080, "protocol": "TCP", "external": false } ]
- 70. "loadbalancer": [ "targetPort": 80, "customDomains": ["wineray.com"], "ssl": { "key": "...", "crt": "..." } ]
- 71. Security Focused Manage & Organize Philosophy
- 72. Let us worry about Compliance…
- 79. Roles Admin Has full control of the environment and its members. Contributor Can handle most of the development lifecycle but cannot manage team members. Guest They can see what's going on but can't perform actions or make changes.
- 85. What if something goes wrong?
- 86. Metrics Shell Access Log Management
- 87. Recent Release - Enhanced Log Management
- 88. Recent Release - Enhanced Log Management
- 89. Recent Release - Enhanced Log Management
- 90. Could you add filtering capabilities and syntax highlighting? IT Francesco
- 91. Roadmap - Enhanced Log Management
- 92. Roadmap - Enhanced Log Management
- 93. Roadmap - Enhanced Log Management
- 94. Metrics Shell Access Log Management
- 97. CPU Memory Transfer Dynatrace
- 99. Can I bring my own favorite APM tool? IT Francesco
- 100. CPU Memory Transfer ELK Splunk New Relic Datadog Roadmap - Bring You Own APM Tool
- 101. Metrics Shell Access Log Management
- 102. What if I need Advanced access? Wineray: ~$
- 105. Can you make it even simpler? IT Francesco CEO Sofia Marketing Aurora Credits: Rawpixel
- 106. ● Platform ○ Manage & Organize ○ Develop & Release ○ Monitor & Troubleshoot ○ Configure & Maintain Liferay Experience Cloud Self-Managed (PaaS) Liferay Cloud Platform Liferay Experience Cloud (SaaS) ● Services ○ DXP Upgrades ○ Monitor Uptime ○ Incident Response ○ Security Scan Recent Release - Liferay Experience Cloud (SaaS)
- 107. Recent Release - Liferay Experience Cloud (SaaS) SaaS Architecture Client Extension Environments ● Managed by customers ○ Customize without compromise (no changes to core). ○ Full control of Client Extension’s SDLC ○ Manage and Monitor your Client Extensions Client Extensions CLIENT EXTENSION CLASSIFICATION Configuration Client Extensions Micro Service Client Extensions Front End Client Extensions More / Future Client Extensions DXP-as-a-Service ● Managed by Liferay ○ DXP Upgrades ○ Monitor Application Uptime ○ Incident Response ○ Security Scan GraphQL API REST API Events API LOW CODE Fragments Objects Automation Pages Liferay DXP
- 108. Teams Activities Authentication Backup & Restore Scalability CI/CD Composability Liferay Stack GitOps Manage & Organize Configure & Maintain Develop & Release Metrics Shell Access Log Management Monitor & Troubleshoot
- 110. Vice President Cloud Engineering Igor Arouca Vice President DevSecOps Zsolt Balogh Senior Manager Technical Enablement Ben Turner Liferay Experience Cloud A Customer Value-Driven Journey Tomorrow 09:15 - 10:00
- 112. Disclaimer The following information contains forward looking statements that outline our general product direction. It is provided for information purposes only and may change at any time without notice.
- 113. ➔Enhanced Log Management ➔Scheduled Scaling ➔Bring Your Own CI/CD ➔Multi-factor Authentication ➔Maintenance Window ➔Bring You Own APM Tool ➔Stream Logs to External Systems & SIEM ➔??? ➔??? Now #LiferayExperienceCloud MISAEL NETO | misawsneto@linkedin Next Future…
- 115. #HashtagPlaceHolder SPEAKER NAME | @twitterhandle How many project did you know that implement Blue/Green Deployment?
- 119. Traffic Manager
- 120. Build ID
- 121. Build ID
- 123. Switch button
- 128. - How to keep databases in sync between environments? - How many configurations we need to swap between environments?
- 129. #HashtagPlaceHolder THIAGO MOREIRA | @tmoreira2020 How many projects had a smooth upgrade?
- 132. DXP Updates
- 133. Cloud Stack Updates
- 134. Release Notes
- 135. Trigger the process
- 141. Upgrade Code
- 146. Deploy Data & Code
Editor's Notes
- 85% will adopt Cloud-first principles by 2025. You are likely on a private cloud, public cloud or running Liferay Experience Cloud
- They sell all over the world
- And they have a leadership team. Different teams with different agendas, IT, Marketing, CEO. All these depts have their own goals to help the company to succeed.
- They chosen Liferay Experience Cloud to power their public site and intranet
- The first benefit of Liferay Experience Cloud Simple Develop & Release Cycle
- The first thing about deploying Liferay is that there’s lots to choose from. And for every choice there’s a lot a work to maintain, patch, update. Security concerns that..
- we’ve already made the choices for you based on our experience with many customers. So it’s all connected out of the box
- Segregated environment with a set of network policy rules. So you don’t maintain, patch, update. Security concerns that..
- We're in 13 regions across the globe
- You’ll get a template repository when your project is created to get you started.
- Code scan and unit testing is performed as part of the pipeline and the build is artifacts are stored.
- Liferay Experience Cloud SM shows you all the deployments for each environment in your project
- And for full confidence in your deployments, the same build can be promoted from Dev, to uat then to prod. So you are 100% sure that the build in prd has no surprises.
- And for full confidence in your deployments, the same build can be promoted from Dev, to uat then to prod. So you are 100% sure that the build in prd has no surprises.
- Code scan and unit testing is performed as part of the pipeline and the build is artifacts are stored.
- refers to the ability to create, adapt, and scale applications by combining and recombining various services or components.
- With Winreay we have some systems , erp, hr running inhouse. The applications may be running on prem in a private network
- Here we have the DXP Cloud stack running in a private network in DXP Cloud, and the on-prem services running in the internal network
- Let’s see how to connect the vpn.
- Liferay Experience Cloud SM can connect to the on-prem VPN Server so your data is always encrypted when accessing your on-prem systems.
- Version-controlled your infrastructure management. service ID, memory, number of CPUs, environment variables, volumes,
- efficient, version-controlled, and reproducible infrastructure management through a declarative approach
- New service in Liferay Experience Cloud You can define
- And access to the environment is secured by TLS certificates and https.
- Accountability: Audit logs can provide a clear and detailed trail of user activity within a system, helping to identify who did what and when. This encourages responsibility and accountability among users. Security: Audit trails are often crucial for identifying and investigating potential security incidents. They can be used to identify suspicious activity, such as login attempts from unexpected locations, changes to sensitive data, or unusual patterns of behavior that might suggest a security breach. Compliance: Many industries are subject to regulations that require certain types of activity to be recorded and auditable. For example, privacy laws like the GDPR require organizations to be able to demonstrate what data they have collected on individuals, where it is stored, and how it is used. Similarly, financial regulations may require keeping detailed records of transactions. Quality Assurance: By keeping a detailed record of activities, audit logs can help organizations to identify and correct errors or inefficiencies in their processes. This can lead to improved quality and performance over time. Operational Efficiency: With a proper audit trail, enterprises can review the effectiveness of their operations, find areas of improvement, and implement necessary changes. Auditing can highlight areas of unnecessary resource usage or waste. Forensic Analysis: In the event of a system failure or data breach, audit trails can be used to perform a forensic analysis. This can help identify the root cause of the problem and prevent similar incidents in the future. Problem Resolution: Audit logs can assist in troubleshooting and problem resolution by providing a detailed history of system activities leading up to an error or issue. Change Management: Auditing functionality can track changes in the system, who made those changes, and when they were made. This can be especially important when diagnosing issues that may have been introduced due to recent system changes.
- We run a very extensive Information Security Program Our ISMS is 104 pages long We moved from no data to a data processor company in a few years with amazing success We have extended the certification to our SaaS offering - where it was applicable very quickly
- We have different members, with different roles in the team.
- Accountability: Audit logs can provide a clear and detailed trail of user activity within a system, helping to identify who did what and when. This encourages responsibility and accountability among users. Security: Audit trails are often crucial for identifying and investigating potential security incidents. They can be used to identify suspicious activity, such as login attempts from unexpected locations, changes to sensitive data, or unusual patterns of behavior that might suggest a security breach. Compliance: Many industries are subject to regulations that require certain types of activity to be recorded and auditable. For example, privacy laws like the GDPR require organizations to be able to demonstrate what data they have collected on individuals, where it is stored, and how it is used. Similarly, financial regulations may require keeping detailed records of transactions. Quality Assurance: By keeping a detailed record of activities, audit logs can help organizations to identify and correct errors or inefficiencies in their processes. This can lead to improved quality and performance over time. Operational Efficiency: With a proper audit trail, enterprises can review the effectiveness of their operations, find areas of improvement, and implement necessary changes. Auditing can highlight areas of unnecessary resource usage or waste. Forensic Analysis: In the event of a system failure or data breach, audit trails can be used to perform a forensic analysis. This can help identify the root cause of the problem and prevent similar incidents in the future. Problem Resolution: Audit logs can assist in troubleshooting and problem resolution by providing a detailed history of system activities leading up to an error or issue. Change Management: Auditing functionality can track changes in the system, who made those changes, and when they were made. This can be especially important when diagnosing issues that may have been introduced due to recent system changes.
- Shell access
- Accountability: Audit logs can provide a clear and detailed trail of user activity within a system, helping to identify who did what and when. This encourages responsibility and accountability among users. Security: Audit trails are often crucial for identifying and investigating potential security incidents. They can be used to identify suspicious activity, such as login attempts from unexpected locations, changes to sensitive data, or unusual patterns of behavior that might suggest a security breach. Compliance: Many industries are subject to regulations that require certain types of activity to be recorded and auditable. For example, privacy laws like the GDPR require organizations to be able to demonstrate what data they have collected on individuals, where it is stored, and how it is used. Similarly, financial regulations may require keeping detailed records of transactions. Quality Assurance: By keeping a detailed record of activities, audit logs can help organizations to identify and correct errors or inefficiencies in their processes. This can lead to improved quality and performance over time. Operational Efficiency: With a proper audit trail, enterprises can review the effectiveness of their operations, find areas of improvement, and implement necessary changes. Auditing can highlight areas of unnecessary resource usage or waste. Forensic Analysis: In the event of a system failure or data breach, audit trails can be used to perform a forensic analysis. This can help identify the root cause of the problem and prevent similar incidents in the future. Problem Resolution: Audit logs can assist in troubleshooting and problem resolution by providing a detailed history of system activities leading up to an error or issue. Change Management: Auditing functionality can track changes in the system, who made those changes, and when they were made. This can be especially important when diagnosing issues that may have been introduced due to recent system changes.
- And they have a leadership team. Different teams with different agendas, IT, Marketing, CEO. All these depts have their own goals to help the company to succeed.
- BT: And, just in case you’ve not had enough coffee yet this morning, we’ve made it super easy to follow which of us is which. I’m Ben Turner, I manage our global Technical Enablement team, and as such it’s only right that today I’m the L so I’m covering Learning! And I’m in really esteemed company because alongside me I’ve got not one, but two of our VPs - Igor Arouca, who’s our VP of Cloud Engineering, and today Igor is bringing the X factor by covering eXperimentation, and then Zsolt Balogh, our VP of DevSecOps is going to talk about Compliance and Operations, and is the C!
- When we were planning what would be cool to share in DEVCON I asked myself what I liked about the event when I was an consultant? And the first thing that came to my mind was the "future", the "roadmap". I remember sitting where you guys are asking myself what that heck Liferay will build to make my life easier? That was the drive to built these next few slides. I will be presenting two new ideas for the future.
- For the first one I would like to start with the question: "How many project did you know that implement Blue/Green Deployment? "Yeah, I know! Not many, right? On October of this year I'm turning 16 years of Liferay. Most of the time on the consulting area and during all these years I never heard of a successful Blue/Green Deployment project. I know of some good tentatives but nothing solid. And you know why? Because Liferay wasn't design to do Blue/Green Deployment!!! Simply like that. But we will change it! So I what I will show you today is an ideation about how this would work.
- It all starts with two new environments: Blue and Green. Both are production like, this is different from our current PRD/UAT setup because UAT's database isn't HA. Wineray.com points to Blue
- If we go to the Environment's overview page we are going to find new UI elements…
- For instance, the "live" identification. As Blue and Green can now be Live we need a way to identify which is what.
- Traffic Manager is responsible to show all information regarding how Blue/Green is set.
- For instance, we have the Build ID of Blue that is the current Live environment.
- We also have the Green Build Id
- That is a bit ahead of Blue.
- And the switch Button which will lead us to
- … to the screen where the magic of switching between two environments starts.
- It provides a summary of what is the current setup and what will be the next setup after switching.
- A few confirmations are necessary so the user knows what will happen. Things like DNS switching, session transfer, swap of configuration are a small set of operations that will be processed behind the scenes.
- In the end you will have Green as the Live environment now. Going back to Wineray example, now wineray.com points to Green. If something goes wrong the user will be able to rollback following the same steps presented.
- Is it possible? I would say yes! Specially if you have deep pockets but this isn't our case. So our approach will be to define a MVF (Minimal Viable Feature) and release it. Then we will collect feedback, improve and release it again and again and again. A few questions are still open, for instance: "How to keep databases in sync between environments?" or "How many configurations we need to swap between environments?" If you have answers for these questions, let us know. For introducing the next feature I would like to do another reality check asking you:
- "How many projects that you know had a smooth upgrade?" You don't need to answer this one because such thing doesn't exist… hahaha! I use to say that Liferay's upgrade is a nightmare, specially for projects that has a large set of customizations. A lot of things can go wrong. The good thing is that our team is decided to change that for good.
- Before going into the details I would like to put everybody in the same page as how a simple Upgrade project works. Basically we have 3 phases: 1- Run Liferay's data upgrade process 2- Manually upgrade the source code 3- Deploy data and source code into the same environment Let's focus on the first phase
- Ok, now let's see how this simple process will be translated into our platform. We are introducing is a new page called "Cloud Updater" it is the start point for upgrades.
- A section for DXP Updates
- A section for Cloud Stack Updates
- Release Notes information.
- A button to trigger the process. Until here there isn't nothing different from what we see in the market. Let's not reinvent the wheel.
- But then when you click the button we start the whole automagic process behind the scene. In the first step we create a brand new environment.
- Once the environment is ready we immediately deploy a stack…
- … with the latest version available. This deployment will trigger the data upgrade process. 7.4u77
- It may fail, right? Upgrades are hard. It is common to fail especially in old datasets. Reasons for that can be data inconsistency, i18n missing field, DL missing files, etc. Two good things: 1- our DXP upgrade team is investing to make the whole process bullet proof 2- we will map the errors to our help center articles.
- When the data upgrade finishes without errors you will be taken to the second step.
- Before going into more details i would like to share that: We already have a PoC that do all the steps described until here. The source code upgrade is more challenging but we feel that is also where we can deliver more value.
- Our idea is to connect to the users repository.
- Fetch their source code from a given branch
- And use the source code as the input to a Upgrade Service that will output 7.4 source code. And what is the coolest thing about this is that we are planning to use AI to do the transformation.
- Cool right? AI will be one of the layer on our "Upgrade Service" we are also planning to use some internal tooling that our team already develop.
- In the end you will have data and code on 7.4 ready to be deployed in any environment.