Given at DrupalJam 2015 - Netherlands.
This presentation explains some of the fundamental issues you have to overcome when designing software for distributed systems that can fail. Also called "Cloud" in other terminologies. The presentation uses AWS components to explain these fundamentals and uses Drupal as the example application. The example is by no means perfect, but gives you a good idea how to design your system from scratch.
Technologies used:
Cloudformation
EC2 Instances
RDS MySQL Database
Elastic Load Balancer
ElastiCache (Memcache)
Example can be found here:
https://gist.github.com/nickveenhof/601c5dc1b76ff26896bf
Take note that the example does not include components such as VPC for simplicity, but it is highly recommended to add this.
2. Who?
+8
Years
in
Drupal
Fairly
heavily
invested
in
Search
+3
Years
at
Acquia
Tech
Lead
@
MollomBelgium
Boston
Barcelona
Belgium
@Nick_vh
3. Components
→Let’s get physical! Well.. Sort of.
→I want you all to regroup in all the components that a
website needs. One row = One Component
→I will be a site visitor, so I want you to start from the front
to the end. What is the first layer?
6. Is Theory boring?
Describes
the
optimal
environment
and
how
this
relates
to
reality.
A
very
digestible
book
for
designing
distributed
systems.
This
book
exposes
software
patterns
that
every
self-‐
respecting
cloud
infrastructure
engineer
should
know.
http://the-‐cloud-‐book.com/
7. Cap Principle
Limoncelli,
Thomas
A.;
Chalup,
Strata
R.;
Hogan,
Christina
J.
(2014-‐09-‐01).
The
Practice
of
Cloud
System
Administration:
Designing
and
Operating
Large
Distributed
Systems,
Volume
2
(p.
21).
Pearson
Education.
Kindle
Edition.
The
CAP
Principle
CAP
stands
for
consistency,
availability,
and
partition
resistance.
The
CAP
Principle
states
that
it
is
not
possible
to
build
a
distributed
system
that
guarantees
consistency,
availability,
and
resistance
to
partitioning.
Any
one
or
two
can
be
achieved
but
not
all
three
simultaneously.
22. Unexpected Spikes
→You could be hosting the next World Cup website
→Or under some page load DDOS from a script kiddie
→A website that is marketed heavily in the next weeks. But
is fairly idle in the rest of the year
→Former slashdot effect (now Reddit)
→…
23. Stacking up
WebServer
Stack
MySQL
RDS Replica
Primary
Object
Caching
Stack
Backup
Storage
S3
GitHub
http://www.cloudreach.com/gb-‐en/2013/01/varnish-‐autoscaling-‐love-‐story/
+
Database
Stack
Watch
out
for
Aurora.
RDS
is
limited
by
Instance
Size
Load
Balancing
+
Page
Caching
Stack
24. Scaling Up
WebServer
Stack
MySQL
RDS Replica
Primary
Caching
Stack
Backup
Storage
S3
GitHub
http://www.cloudreach.com/gb-‐en/2013/01/varnish-‐autoscaling-‐love-‐story/
+
Database
Stack
Watch
out
for
Aurora.
RDS
is
limited
by
Instance
Size
Load
Balancing
+
Page
Caching
Stack
29. Example
→Make a Scalable Static Hosted Website that can handle
gradual increase of visitors beyond 2 web servers.
→Finance wise we are limited to 5 web servers.
→PHP, MySQL, Load Balancer.
→No Object Caching or Page Caching required
37. AWS::EC2::SecurityGroup
→Define Security Levels
between AWS Services
→Eg. Only allow traffic
between Load Balancer
and Instances on port 80
→Eg. Allow port 22 for the
IP range in the inputs
"WebServerSecurityGroup"
:
{
"Type"
:
"AWS::EC2::SecurityGroup",
"Properties"
:
{
"GroupDescription"
:
"Enable
HTTP
access
via
port
80,
locked
down
to
requests
from
the
load
balancer
only
and
SSH
access",
"SecurityGroupIngress"
:
[
{"IpProtocol"
:
"tcp",
"FromPort"
:
"80",
"ToPort"
:
"80",
"SourceSecurityGroupOwnerId"
:
{"Fn::GetAtt"
:
["ElasticLoadBalancer",
"SourceSecurityGroup.OwnerAlias"]},"SourceSecurityGroupName"
:
{"Fn::GetAtt"
:
["ElasticLoadBalancer",
"SourceSecurityGroup.GroupName"]}},
{"IpProtocol"
:
"tcp",
"FromPort"
:
"22",
"ToPort"
:
"22",
"CidrIp"
:
{
"Ref"
:
"SSHLocation"}}
]
}
}
38. And more…
→Make sure to start with VPC
→Be Region Agnostic as some are VPC Only
→Internal ELB, Internal IP’s
→Private Puppet/Chef Servers
→Define Security Model first
→Do not create tribal knowledge