SlideShare a Scribd company logo

Deploying Plone on AWS

T. Kim Nguyen
T. Kim Nguyen

This document discusses deploying Plone on Amazon Web Services (AWS) using automation tools like Ansible and Terraform. It describes setting up a basic Plone stack with nginx, ZEO clients and servers. Manual deployment is error-prone, so the document recommends using configuration management tools to deploy Plone servers repeatably. It demonstrates deploying a Plone server to AWS using Terraform to provision servers and Saltstack to configure the software.

Internet
1 of 26
Download to read offline
DEPLOYING PLONE ON AMAZON AWS Kim Nguyen / kim@sixfeetup.com
ABOUT ME ➤ Working with Plone since 2003 ➤ 350+ Plone sites at University of Wisconsin Oshkosh ➤ Developer → team lead → project manager ➤ Engineering team lead @ Six Feet Up
PLONE It's hardcore It can scale
BASIC PLONE STACK
BASIC PLONE STACK ➤ nginx web server ➤ (optional) varnish cache ➤ 2+ ZEO clients ➤ 1 ZEO server
MANUAL DEPLOYMENT
MANUAL DEPLOYMENT ➤ Provision a virtual machine (Digital Ocean, Linode, Amazon Lightsail) ➤ Set up firewall ➤ Download and run the Plone unified installer ➤ Set up nginx web server ➤ Set up automatic Plone start scripts ➤ Set up cron jobs (zeopack, backup) ➤ Remember to log in periodically to apply system updates ➤ Hope no one hacks into the system (no monitoring)
THERE IS A BETTER WAY
THE BETTER WAY ➤ Deploy repeatably, consistently ➤ Keep server configuration under version control ➤ Make all configuration changes in one place ➤ Use automation to deploy configuration changes ➤ Avoid logging into the servers ➤ NEVER MODIFY THE SERVERS DIRECTLY
WHY USE REPEATABLE DEPLOYMENTS ➤ There is never any question about what’s running on a given server ➤ Consistency of configuration → when you make a change in one Plone server, it is made on all Plone servers ➤ With repeatable deployments you can easily create multiple environments for: ➤ testing ➤ Quality Assurance or staging ➤ production ➤ disaster recovery
TOOLS FOR REPEATABLE DEPLOYMENTS
TOOLS FOR REPEATABLE DEPLOYMENTS ➤ Ansible (ansible.com) ➤ Terraform (terraform.io) ➤ Saltstack (saltstack.com)
PLONE ANSIBLE PLAYBOOK
PLONE ANSIBLE PLAYBOOK ➤ Use Ansible to provision a single full-stack Plone server github.com/plone/ansible- playbook with ➤ a Plone ZEO cluster (1 ZEO server, 2 ZEO clients) ➤ supervisor for automatic start/stop of the Plone cluster ➤ HAProxy load balancing ➤ Varnish caching ➤ Nginx as a proxy and URL rewrite engine ➤ Postfix for outgoing mail ➤ munin-node, logwatch and fail2ban for monitoring and log analysis ➤ Vagrant and VirtualBox for testing the setup
BUT THAT’S JUST ONE SERVER
DEPLOY TO THE CLOUD
➤ For this demo, we will use Amazon AWS ➤ Biggest established cloud provider ➤ Continuing adoption growth ➤ Robust, well understood ➤ Many other services available (e.g. machine learning, containers, databases) ➤ 66 availability zones in 21 geographic regions DEPLOY TO THE CLOUD
DEMO: TERRAFORM ➤ Demo code: github.com/tkimnguyen/aws-auto-deploy-demo ➤ Terraform will provision servers using AWS: ➤ Create virtual private cloud (VPC) ➤ Define access control lists (ACLs) ➤ Create 2 Elastic Compute Cloud (EC2) instances ➤ A salt “master” ➤ A salt “minion” (the Plone server)
DEMO: SALT ➤ Then Terraform invokes Saltstack on the minion to set up our software ➤ Saltstack reads states stored on the master to: ➤ Install Plone ➤ Install and configure supervisor
AWS PREPARATION ➤ Create an AWS account at aws.amazon.com ➤ Create an AWS user at console.aws.amazon.com/iam ➤ Set up an access key pair called plone-conf-demo-sfup by importing your ssh public key ➤ Add aws_access_key_id and aws_secret_access_key to your ~/.aws/ credentials file
LOCAL COMPUTER PREPARATION ➤ Install Terraform from www.terraform.io/downloads.html git clone https://github.com/tkimnguyen/aws-auto-deploy- demo.git cd aws-auto-deploy-demo cd terraform terraform init terraform plan
DEMO STEPS ➤ Apply the Terraform plan terraform apply ➤ Obtain IP address of Plone server terraform state pull aws_instance |egrep ‘"name"|public_ip"' ➤ ssh into Plone server ssh -L8080:localhost:8080 ubuntu@18.209.237.90 ➤ view salt progress log tail -f /var/log/cloud-init-output.log
OTHER AWS GOODIES
OTHER AWS GOODIES ➤ CloudFront (aws.amazon.com/cloudfront) for content delivery network (caching) around the world ➤ Shield for DDoS mitigation, Web Application Firewall ➤ CloudWatch (aws.amazon.com/cloudwatch) for monitoring and autoscaling ➤ Elastic Load Balancing (aws.amazon.com/elasticloadbalancing) for load balancing of HTTP and HTTPS traffic, integration with Auto Scaling, monitoring & auditing ➤ Relational Database Service (aws.amazon.com/rds) with PostgreSQL → use with Plone RelStorage → now you have replication and failover
Planning Development Orchestration Support QUESTIONS? PLEASE ASK! KIM@SIXFEETUP.COM

Recommended

Configure jasmine and karma for code coverage
Configure jasmine and karma for code coverageConfigure jasmine and karma for code coverage
Configure jasmine and karma for code coverage
Deepak More
 
Itb2018 cf apps to dev to production with command box cf-config docker
Itb2018 cf apps to dev to production with command box cf-config dockerItb2018 cf apps to dev to production with command box cf-config docker
Itb2018 cf apps to dev to production with command box cf-config docker
Ortus Solutions, Corp
 
mykola marzhan - jenkins on aws spot instance
mykola marzhan - jenkins on aws spot instancemykola marzhan - jenkins on aws spot instance
mykola marzhan - jenkins on aws spot instance
Dariia Seimova
 
ITB2019 Scaling with CommandBox in Production! - Brad Wood
ITB2019 Scaling with CommandBox in Production! - Brad WoodITB2019 Scaling with CommandBox in Production! - Brad Wood
ITB2019 Scaling with CommandBox in Production! - Brad Wood
Ortus Solutions, Corp
 
Docker, OSS and Azure
Docker, OSS and AzureDocker, OSS and Azure
Docker, OSS and Azure
Elton Stoneman
 
Controlling multiple VMs with the power of Python
Controlling multiple VMs with the power of PythonControlling multiple VMs with the power of Python
Controlling multiple VMs with the power of Python
Yurii Vasylenko
 
Ansible 2.2
Ansible 2.2Ansible 2.2
Ansible 2.2
Scott van Kalken
 
Devops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As Code
Devops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As CodeDevops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As Code
Devops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As Code
Israel Shirk
 

Recommended

Configure jasmine and karma for code coverage
Configure jasmine and karma for code coverageConfigure jasmine and karma for code coverage
Configure jasmine and karma for code coverage
Deepak More
 
Itb2018 cf apps to dev to production with command box cf-config docker
Itb2018 cf apps to dev to production with command box cf-config dockerItb2018 cf apps to dev to production with command box cf-config docker
Itb2018 cf apps to dev to production with command box cf-config docker
Ortus Solutions, Corp
 
mykola marzhan - jenkins on aws spot instance
mykola marzhan - jenkins on aws spot instancemykola marzhan - jenkins on aws spot instance
mykola marzhan - jenkins on aws spot instance
Dariia Seimova
 
ITB2019 Scaling with CommandBox in Production! - Brad Wood
ITB2019 Scaling with CommandBox in Production! - Brad WoodITB2019 Scaling with CommandBox in Production! - Brad Wood
ITB2019 Scaling with CommandBox in Production! - Brad Wood
Ortus Solutions, Corp
 
Docker, OSS and Azure
Docker, OSS and AzureDocker, OSS and Azure
Docker, OSS and Azure
Elton Stoneman
 
Controlling multiple VMs with the power of Python
Controlling multiple VMs with the power of PythonControlling multiple VMs with the power of Python
Controlling multiple VMs with the power of Python
Yurii Vasylenko
 
Ansible 2.2
Ansible 2.2Ansible 2.2
Ansible 2.2
Scott van Kalken
 
Devops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As Code
Devops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As CodeDevops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As Code
Devops Boise - Israel Shirk - Pragmatic Migration to Infrastructure As Code
Israel Shirk
 
fmcsadmin 1.0.0
fmcsadmin 1.0.0fmcsadmin 1.0.0
fmcsadmin 1.0.0
Atsushi Matsuo
 
WinOps 2017 - Docker on Windows, the Beginner's Guide
WinOps 2017 - Docker on Windows, the Beginner's GuideWinOps 2017 - Docker on Windows, the Beginner's Guide
WinOps 2017 - Docker on Windows, the Beginner's Guide
Elton Stoneman
 
Windows Containers and Docker: Why You Should Care
Windows Containers and Docker: Why You Should CareWindows Containers and Docker: Why You Should Care
Windows Containers and Docker: Why You Should Care
Elton Stoneman
 
Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)
Michele Orselli
 
Quickly extending into testing with docker
Quickly extending into testing with dockerQuickly extending into testing with docker
Quickly extending into testing with docker
Tom Cudd
 
Vagrant to-aws-flow
Vagrant to-aws-flowVagrant to-aws-flow
Vagrant to-aws-flow
Kimberly Macias
 
SV iOS Meetup Slides: YmsCoreBluetooth and Deep Core Bluetooth
SV iOS Meetup Slides: YmsCoreBluetooth and Deep Core BluetoothSV iOS Meetup Slides: YmsCoreBluetooth and Deep Core Bluetooth
SV iOS Meetup Slides: YmsCoreBluetooth and Deep Core Bluetooth
Charles Y. Choi
 
Vagrant
VagrantVagrant
Vagrant
ProfessionalVMware
 
Bluetooth Over-The-Air Firmware Update
Bluetooth Over-The-Air Firmware UpdateBluetooth Over-The-Air Firmware Update
Bluetooth Over-The-Air Firmware Update
Ramin Firoozye
 
Drone your Ansible
Drone your AnsibleDrone your Ansible
Drone your Ansible
Dennis Rowe
 
Ansible Oxford - Cows & Containers
Ansible Oxford - Cows & ContainersAnsible Oxford - Cows & Containers
Ansible Oxford - Cows & Containers
jonatanblue
 
"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12
"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12
"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12
Puppet
 
Automated Deployment with Capistrano
Automated Deployment with CapistranoAutomated Deployment with Capistrano
Automated Deployment with Capistrano
Sumit Chhetri
 
Puppet in the Pipeline
Puppet in the PipelinePuppet in the Pipeline
Puppet in the Pipeline
Puppet
 
Jenkins Docker
Jenkins DockerJenkins Docker
Jenkins Docker
Alex Soto
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
Suresh Kumar
 
How to contribute Apache CloudStack
How to contribute Apache CloudStackHow to contribute Apache CloudStack
How to contribute Apache CloudStack
Go Chiba
 
Investigation of testing with ansible
Investigation of testing with ansibleInvestigation of testing with ansible
Investigation of testing with ansible
Dennis Rowe
 
Hadoop presentation
Hadoop presentationHadoop presentation
Hadoop presentation
MaggieZhang61
 
StackiFest16: Building a Cart
StackiFest16: Building a CartStackiFest16: Building a Cart
StackiFest16: Building a Cart
StackIQ
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
Dharmit Shah
 
WooCommerce WP-CLI Basics
WooCommerce WP-CLI BasicsWooCommerce WP-CLI Basics
WooCommerce WP-CLI Basics
corsonr
 

More Related Content

What's hot

Investigation of testing with ansible
Investigation of testing with ansibleInvestigation of testing with ansible
Investigation of testing with ansible
Dennis Rowe
 

What's hot (20)

fmcsadmin 1.0.0
fmcsadmin 1.0.0fmcsadmin 1.0.0
fmcsadmin 1.0.0
 
WinOps 2017 - Docker on Windows, the Beginner's Guide
WinOps 2017 - Docker on Windows, the Beginner's GuideWinOps 2017 - Docker on Windows, the Beginner's Guide
WinOps 2017 - Docker on Windows, the Beginner's Guide
 
Windows Containers and Docker: Why You Should Care
Windows Containers and Docker: Why You Should CareWindows Containers and Docker: Why You Should Care
Windows Containers and Docker: Why You Should Care
 
Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)Vagrant for real (codemotion rome 2016)
Vagrant for real (codemotion rome 2016)
 
Quickly extending into testing with docker
Quickly extending into testing with dockerQuickly extending into testing with docker
Quickly extending into testing with docker
 
Vagrant to-aws-flow
Vagrant to-aws-flowVagrant to-aws-flow
Vagrant to-aws-flow
 
SV iOS Meetup Slides: YmsCoreBluetooth and Deep Core Bluetooth
SV iOS Meetup Slides: YmsCoreBluetooth and Deep Core BluetoothSV iOS Meetup Slides: YmsCoreBluetooth and Deep Core Bluetooth
SV iOS Meetup Slides: YmsCoreBluetooth and Deep Core Bluetooth
 
Vagrant
VagrantVagrant
Vagrant
 
Bluetooth Over-The-Air Firmware Update
Bluetooth Over-The-Air Firmware UpdateBluetooth Over-The-Air Firmware Update
Bluetooth Over-The-Air Firmware Update
 
Drone your Ansible
Drone your AnsibleDrone your Ansible
Drone your Ansible
 
Ansible Oxford - Cows & Containers
Ansible Oxford - Cows & ContainersAnsible Oxford - Cows & Containers
Ansible Oxford - Cows & Containers
 
"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12
"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12
"Puppet at SpaceX" - Jok Thuau of SpaceX - PuppetCamp LA '12
 
Automated Deployment with Capistrano
Automated Deployment with CapistranoAutomated Deployment with Capistrano
Automated Deployment with Capistrano
 
Puppet in the Pipeline
Puppet in the PipelinePuppet in the Pipeline
Puppet in the Pipeline
 
Jenkins Docker
Jenkins DockerJenkins Docker
Jenkins Docker
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
How to contribute Apache CloudStack
How to contribute Apache CloudStackHow to contribute Apache CloudStack
How to contribute Apache CloudStack
 
Investigation of testing with ansible
Investigation of testing with ansibleInvestigation of testing with ansible
Investigation of testing with ansible
 
Hadoop presentation
Hadoop presentationHadoop presentation
Hadoop presentation
 
StackiFest16: Building a Cart
StackiFest16: Building a CartStackiFest16: Building a Cart
StackiFest16: Building a Cart
 

Similar to Deploying Plone on AWS

Getting started with puppet and vagrant (1)
Getting started with puppet and vagrant (1)Getting started with puppet and vagrant (1)
Getting started with puppet and vagrant (1)
Puppet
 
The Enterprise Wor/d/thy/Press
The Enterprise Wor/d/thy/PressThe Enterprise Wor/d/thy/Press
The Enterprise Wor/d/thy/Press
Jeroen van Dijk
 
Nuxeo5 - Continuous Integration
Nuxeo5 - Continuous IntegrationNuxeo5 - Continuous Integration
Nuxeo5 - Continuous Integration
PASCAL Jean Marie
 

Similar to Deploying Plone on AWS (20)

Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
WooCommerce WP-CLI Basics
WooCommerce WP-CLI BasicsWooCommerce WP-CLI Basics
WooCommerce WP-CLI Basics
 
eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...
eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...
eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...
 
eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...
eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...
eZ Platform Cloud and eZ Launchpad: Don’t Host, Don’t Deploy, Don’t Install—J...
 
WP-CLI: Unleash the power
WP-CLI: Unleash the powerWP-CLI: Unleash the power
WP-CLI: Unleash the power
 
Phoenix Servers with Docker and Nginx
Phoenix Servers with Docker and NginxPhoenix Servers with Docker and Nginx
Phoenix Servers with Docker and Nginx
 
Making Spinnaker Go @ Stitch Fix
Making Spinnaker Go @ Stitch FixMaking Spinnaker Go @ Stitch Fix
Making Spinnaker Go @ Stitch Fix
 
Getting started with puppet and vagrant (1)
Getting started with puppet and vagrant (1)Getting started with puppet and vagrant (1)
Getting started with puppet and vagrant (1)
 
WordPress Development Environments
WordPress Development Environments WordPress Development Environments
WordPress Development Environments
 
Hybrid (Windows + Linux) Apps with Docker Swarm
Hybrid (Windows + Linux) Apps with Docker SwarmHybrid (Windows + Linux) Apps with Docker Swarm
Hybrid (Windows + Linux) Apps with Docker Swarm
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy System
 
AMIMOTO: WordPress + Amazon Web Services MANILA
AMIMOTO: WordPress + Amazon Web Services MANILAAMIMOTO: WordPress + Amazon Web Services MANILA
AMIMOTO: WordPress + Amazon Web Services MANILA
 
Baylisa - Dive Into OpenStack
Baylisa - Dive Into OpenStackBaylisa - Dive Into OpenStack
Baylisa - Dive Into OpenStack
 
The Enterprise Wor/d/thy/Press
The Enterprise Wor/d/thy/PressThe Enterprise Wor/d/thy/Press
The Enterprise Wor/d/thy/Press
 
Deploying Symfony | symfony.cat
Deploying Symfony | symfony.catDeploying Symfony | symfony.cat
Deploying Symfony | symfony.cat
 
Belvedere
BelvedereBelvedere
Belvedere
 
Oracle vm-installation
Oracle vm-installationOracle vm-installation
Oracle vm-installation
 
Erlang on OSv
Erlang on OSvErlang on OSv
Erlang on OSv
 
How to turn any dynamic website into a static site | 24.01.2018 | Artem Danil...
How to turn any dynamic website into a static site | 24.01.2018 | Artem Danil...How to turn any dynamic website into a static site | 24.01.2018 | Artem Danil...
How to turn any dynamic website into a static site | 24.01.2018 | Artem Danil...
 
Nuxeo5 - Continuous Integration
Nuxeo5 - Continuous IntegrationNuxeo5 - Continuous Integration
Nuxeo5 - Continuous Integration
 

More from T. Kim Nguyen

Permissions & Security in Plone
Permissions & Security in PlonePermissions & Security in Plone
Permissions & Security in Plone
T. Kim Nguyen
 
How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)
How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)
How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)
T. Kim Nguyen
 
Have Content Quality, Will Search Your Intranet, by Fulvio Casali
Have Content Quality, Will Search Your Intranet, by Fulvio CasaliHave Content Quality, Will Search Your Intranet, by Fulvio Casali
Have Content Quality, Will Search Your Intranet, by Fulvio Casali
T. Kim Nguyen
 

More from T. Kim Nguyen (20)

Your Plone [Intranet] in a Box™
Your Plone [Intranet] in a Box™Your Plone [Intranet] in a Box™
Your Plone [Intranet] in a Box™
 
Permissions & Security in Plone
Permissions & Security in PlonePermissions & Security in Plone
Permissions & Security in Plone
 
How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)
How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)
How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)
 
Melding React with the Ultra Secure Plone Content Repository
Melding React with the Ultra Secure Plone Content RepositoryMelding React with the Ultra Secure Plone Content Repository
Melding React with the Ultra Secure Plone Content Repository
 
A Case Study: Measuring Productivity in Education
A Case Study: Measuring Productivity in EducationA Case Study: Measuring Productivity in Education
A Case Study: Measuring Productivity in Education
 
State of Plone 2017
State of Plone 2017State of Plone 2017
State of Plone 2017
 
Have Content Quality, Will Search Your Intranet, by Fulvio Casali
Have Content Quality, Will Search Your Intranet, by Fulvio CasaliHave Content Quality, Will Search Your Intranet, by Fulvio Casali
Have Content Quality, Will Search Your Intranet, by Fulvio Casali
 
I broke what? Taking over maintenance on existing (well loved) projects, by B...
I broke what? Taking over maintenance on existing (well loved) projects, by B...I broke what? Taking over maintenance on existing (well loved) projects, by B...
I broke what? Taking over maintenance on existing (well loved) projects, by B...
 
TU Dresden: A Large-Scale Plone Deployment Case Study, by Sebastian Gottfried
TU Dresden: A Large-Scale Plone Deployment Case Study, by Sebastian GottfriedTU Dresden: A Large-Scale Plone Deployment Case Study, by Sebastian Gottfried
TU Dresden: A Large-Scale Plone Deployment Case Study, by Sebastian Gottfried
 
TUD-Chat – a moderated chat add-on for Plone, by Sebastian Schietzold
TUD-Chat – a moderated chat add-on for Plone, by Sebastian SchietzoldTUD-Chat – a moderated chat add-on for Plone, by Sebastian Schietzold
TUD-Chat – a moderated chat add-on for Plone, by Sebastian Schietzold
 
Plone as a Conference Management System, by Adriana Ramírez V. and Gildardo ...
Plone as a Conference Management System, by Adriana Ramírez V. and Gildardo ...Plone as a Conference Management System, by Adriana Ramírez V. and Gildardo ...
Plone as a Conference Management System, by Adriana Ramírez V. and Gildardo ...
 
Our Castle's Strength
Our Castle's StrengthOur Castle's Strength
Our Castle's Strength
 
Plone Futures, Plone Conference 2016 Keynote by Eric Steele
Plone Futures, Plone Conference 2016 Keynote by Eric SteelePlone Futures, Plone Conference 2016 Keynote by Eric Steele
Plone Futures, Plone Conference 2016 Keynote by Eric Steele
 
Trajectory: Integrating SQL Data into your Plone Site, Plone Conference 2016,...
Trajectory: Integrating SQL Data into your Plone Site, Plone Conference 2016,...Trajectory: Integrating SQL Data into your Plone Site, Plone Conference 2016,...
Trajectory: Integrating SQL Data into your Plone Site, Plone Conference 2016,...
 
Web Development with Vim by Johannes Raggam
Web Development with Vim by Johannes RaggamWeb Development with Vim by Johannes Raggam
Web Development with Vim by Johannes Raggam
 
PyCharm demo
PyCharm demoPyCharm demo
PyCharm demo
 
Gold in Rio
Gold in RioGold in Rio
Gold in Rio
 
Top 5 secrets of distributed teams / Christina McNeill & T. Kim Nguyen
Top 5 secrets of distributed teams / Christina McNeill & T. Kim NguyenTop 5 secrets of distributed teams / Christina McNeill & T. Kim Nguyen
Top 5 secrets of distributed teams / Christina McNeill & T. Kim Nguyen
 
Easy online business processes with Plone forms and workflow
Easy online business processes with Plone forms and workflowEasy online business processes with Plone forms and workflow
Easy online business processes with Plone forms and workflow
 
Plone for CMS review group at UW Oshkosh
Plone for CMS review group at UW OshkoshPlone for CMS review group at UW Oshkosh
Plone for CMS review group at UW Oshkosh
 

Recently uploaded

Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Priya Reddy
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
F
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Monica Sydney
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
kumargunjan9515
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 

Recently uploaded (20)

Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 

Deploying Plone on AWS

  • 1. DEPLOYING PLONE ON AMAZON AWS Kim Nguyen / kim@sixfeetup.com
  • 2. ABOUT ME ➤ Working with Plone since 2003 ➤ 350+ Plone sites at University of Wisconsin Oshkosh ➤ Developer → team lead → project manager ➤ Engineering team lead @ Six Feet Up
  • 5. BASIC PLONE STACK ➤ nginx web server ➤ (optional) varnish cache ➤ 2+ ZEO clients ➤ 1 ZEO server
  • 7. MANUAL DEPLOYMENT ➤ Provision a virtual machine (Digital Ocean, Linode, Amazon Lightsail) ➤ Set up firewall ➤ Download and run the Plone unified installer ➤ Set up nginx web server ➤ Set up automatic Plone start scripts ➤ Set up cron jobs (zeopack, backup) ➤ Remember to log in periodically to apply system updates ➤ Hope no one hacks into the system (no monitoring)
  • 8. THERE IS A BETTER WAY
  • 9. THE BETTER WAY ➤ Deploy repeatably, consistently ➤ Keep server configuration under version control ➤ Make all configuration changes in one place ➤ Use automation to deploy configuration changes ➤ Avoid logging into the servers ➤ NEVER MODIFY THE SERVERS DIRECTLY
  • 10. WHY USE REPEATABLE DEPLOYMENTS ➤ There is never any question about what’s running on a given server ➤ Consistency of configuration → when you make a change in one Plone server, it is made on all Plone servers ➤ With repeatable deployments you can easily create multiple environments for: ➤ testing ➤ Quality Assurance or staging ➤ production ➤ disaster recovery
  • 12. TOOLS FOR REPEATABLE DEPLOYMENTS ➤ Ansible (ansible.com) ➤ Terraform (terraform.io) ➤ Saltstack (saltstack.com)
  • 14. PLONE ANSIBLE PLAYBOOK ➤ Use Ansible to provision a single full-stack Plone server github.com/plone/ansible- playbook with ➤ a Plone ZEO cluster (1 ZEO server, 2 ZEO clients) ➤ supervisor for automatic start/stop of the Plone cluster ➤ HAProxy load balancing ➤ Varnish caching ➤ Nginx as a proxy and URL rewrite engine ➤ Postfix for outgoing mail ➤ munin-node, logwatch and fail2ban for monitoring and log analysis ➤ Vagrant and VirtualBox for testing the setup
  • 15. BUT THAT’S JUST ONE SERVER
  • 16. DEPLOY TO THE CLOUD
  • 17. ➤ For this demo, we will use Amazon AWS ➤ Biggest established cloud provider ➤ Continuing adoption growth ➤ Robust, well understood ➤ Many other services available (e.g. machine learning, containers, databases) ➤ 66 availability zones in 21 geographic regions DEPLOY TO THE CLOUD
  • 18. DEMO: TERRAFORM ➤ Demo code: github.com/tkimnguyen/aws-auto-deploy-demo ➤ Terraform will provision servers using AWS: ➤ Create virtual private cloud (VPC) ➤ Define access control lists (ACLs) ➤ Create 2 Elastic Compute Cloud (EC2) instances ➤ A salt “master” ➤ A salt “minion” (the Plone server)
  • 19. DEMO: SALT ➤ Then Terraform invokes Saltstack on the minion to set up our software ➤ Saltstack reads states stored on the master to: ➤ Install Plone ➤ Install and configure supervisor
  • 20. AWS PREPARATION ➤ Create an AWS account at aws.amazon.com ➤ Create an AWS user at console.aws.amazon.com/iam ➤ Set up an access key pair called plone-conf-demo-sfup by importing your ssh public key ➤ Add aws_access_key_id and aws_secret_access_key to your ~/.aws/ credentials file
  • 21. LOCAL COMPUTER PREPARATION ➤ Install Terraform from www.terraform.io/downloads.html git clone https://github.com/tkimnguyen/aws-auto-deploy- demo.git cd aws-auto-deploy-demo cd terraform terraform init terraform plan
  • 22. DEMO STEPS ➤ Apply the Terraform plan terraform apply ➤ Obtain IP address of Plone server terraform state pull aws_instance |egrep ‘"name"|public_ip"' ➤ ssh into Plone server ssh -L8080:localhost:8080 ubuntu@18.209.237.90 ➤ view salt progress log tail -f /var/log/cloud-init-output.log
  • 24. OTHER AWS GOODIES ➤ CloudFront (aws.amazon.com/cloudfront) for content delivery network (caching) around the world ➤ Shield for DDoS mitigation, Web Application Firewall ➤ CloudWatch (aws.amazon.com/cloudwatch) for monitoring and autoscaling ➤ Elastic Load Balancing (aws.amazon.com/elasticloadbalancing) for load balancing of HTTP and HTTPS traffic, integration with Auto Scaling, monitoring & auditing ➤ Relational Database Service (aws.amazon.com/rds) with PostgreSQL → use with Plone RelStorage → now you have replication and failover
  • 25.
  • 26. Planning Development Orchestration Support QUESTIONS? PLEASE ASK! KIM@SIXFEETUP.COM