Rock Solid WordPress
Architecting WordPress for Massive Scale
Presented by
Erik Osterman
Cloud Posse <hello@cloudposse.com>
https://cloudposse.com/
Our Secret Sauce
How We Made WordPress FAST
And Scale to Support Thousands of Concurrent Users
20 Hot Slides < 25 minutes
Q&A Afterwards
About Me
Former Director of Cloud Architecture, CBS Interactive in San Francisco
Ran Operations for TV.com, Metacritic.com, and Clicker.com
Worked with AWS EC2 since 2006 / Private Invite-only Beta
Advise numerous successful venture backed startups
Backend Software Developer, Open Source Advocate / Contributor
Trivia: Traveled for ~2 years and lived out of carry on; visited 30+ countries
Typical WordPress Stack (Single Server Running Apache, PHP, MySQL)
Typical WordPress Stack
Single Server running Apache, PHP-FPM, MySQL
Life was easy.
What could possibly go wrong?
A lot.
MySQL Database Crashes, Maxed out Database Connections, Slow Queries
Cause Cascading Failures, Eventual Disk Failure, Failed WordPress Updates,
Cowboy Coding, Too Many Concurrent Requests, CPU & Memory Constraints,
No Swap, Site Hacked, Old or Incomplete Backups, Denial of Service Attack,
Expired SSL Certificate, Expired Domain, Rogue Developer, Compromised SSH
Keys, No Monitoring, No Alerts, ISP Network Failure, Software Glitches,
Physical Hardware Failure, Bad OS Upgrades, fat fingers,
Human Errors, and last but not least….
Murphy's Law
Why?
Only 1 server means...
All of our eggs are in one basket.
One MASSIVE Single Point of Failure (“SPOF”)
Failure of any component means downtime
What We Want
Reliable - 99.995% uptime (less than 30 minutes/year of downtime)
Fast - blazingly fast page load speeds
Affordable - it must be cost effective to maintain in the long run
Easy - self-service operation without rocket scientists; auto-heal if things break
Reproducible - identical environments for staging & production
Stable - we want a site that scales horizontally as traffic increases
Upgradable - zero-downtime deployments with rollback support
Secure - hardened attack surface so we don't get hacked
Customizable - run ANY plugin or theme you want
Our Strategy
Decompose all components into individual tiers
(application, load balancer, database, cache, filesystem)
Scale Tiers Independently
Store Code in GitHub, Continuously Deploy to Staging
Use Rolling Updates to Deploy All Changes
Leverage “Fully Managed” Services for Lower Maintenance Costs
Write Infrastructure as Code to avoid out-of-date documentation
Development “Best Practices”
Follow 12-Factor Pattern with WordPress http://12factor.net
Develop Locally (e.g. Upgrade WordPress Core/Plugins, Enable Theme)
Use Standard Git Workflow as a Development Process
feature branch → modify → commit → push → PR → merge → ci/cd
Test in Staging that it is functional and passes acceptance tests
Release to Production after it passes all tests
What it looks like...
[Screenshot] Elastic Beanstalk Dashboard: Insights, Recent Events, Identical Environments, Auto Healing
[Screenshot] Elastic Beanstalk CI/CD Pipeline: Automatic Rollbacks, Change Log
[Screenshot] Elastic Beanstalk: Automatic OS Updates
[Screenshot] Elastic Beanstalk: Monitoring & Alerting
[Screenshot] Cost Explorer: Cost Forecasts, Cost Transparency
Our Prescription
RDS Aurora - highly available, scalable MySQL cluster
EFS - network filesystem to store WordPress assets
Elastic Beanstalk - “Platform as a Service” to run WordPress
ElastiCache - Memcached cluster for caching and user sessions
CodePipeline - use CI/CD to automatically deploy code to staging from GitHub
ALB - layer 7 application load balancer with WAF
Route53 - global DNS service
CloudFront - CDN for all static assets
VPC - 100% Isolation between environments
Terraform - to compose infrastructure
“Cloud Native” WordPress
Use environment variables for all settings in wp-config.php
Automate wp-cli to activate/deactivate features on deployment
(leader_only: true)
Avoid plugins that write files to disk
Stash wp-content/uploads on Network Filesystem (or Object Storage/S3)
(not in git)
Use relative-rewrites in .htaccess
Optimizing WordPress for Speed
Varnish + stale-while-revalidate
https://info.varnish-software.com/blog/configure-saint-mode-grace-varnish-4.1
LudicrousDB + RDS Read Replicas
https://github.com/stuttter/ludicrousdb
Batcache + Memcached
https://wordpress.org/plugins/batcache/
Apache Mod Pagespeed
PHP7 (replaces need for APC / eAccelerator)
Eliminate 99% Of Security Problems
Disable PHP Execution in wp-content/uploads/
Drop Requests without Referer [sic] or User-Agent headers
Use read-only filesystem for WordPress (except for uploads)
Weekly upgrades of WordPress core & plugins
Try PHP's disable_functions or the Suhosin PECL extension
Use MFA Everywhere (AWS, SSH, & WordPress) https://duo.com/
Layer 7 Web Application Firewall (e.g. Apache Mod Security)
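Added example (not from the original slides): a host-side check for two controls on the security slide above. It lists PHP-executable files under wp-content/uploads and counts how many logged requests the Referer/User-Agent rule would affect. The directory layout, log lines and function names are constructed, and the log is assumed to be in Apache combined format.

```bash
#!/usr/bin/env bash
# Added example; tree, log lines and function names are constructed.
# Assumes Apache "combined" log format:
#   ... "request" status bytes "referer" "user-agent"

# Files under wp-content/uploads that a PHP handler could execute. With PHP
# execution disabled there they are inert, but uploads should hold media only,
# so any hit deserves an alert. '*.php.*' covers multi-extension names that
# an AddHandler-style mapping may still treat as PHP.
php_in_uploads() {
  find "$1/wp-content/uploads" -type f \
    \( -iname '*.php' -o -iname '*.php[0-9]' -o -iname '*.phtml' \
       -o -iname '*.phar' -o -iname '*.php.*' \) 2>/dev/null | sort
}

# Dry run of the "drop requests without Referer or User-Agent" rule.
# Prints four counts: total  no_user_agent  no_referer  neither
headerless_report() {
  awk -F'"' '
    NF >= 7 {
      total++
      ua  = $(NF-1)   # last quoted field
      ref = $(NF-3)   # quoted field before it
      no_ua  = (ua  == "-" || ua  == "")
      no_ref = (ref == "-" || ref == "")
      if (no_ua)           a++
      if (no_ref)          r++
      if (no_ua && no_ref) b++
    }
    END { printf "%d %d %d %d\n", total, a, r, b }
  ' "$1"
}

# "client_ip<TAB>request" for requests that sent neither header, so internal
# clients (monitors, cron jobs) can be exempted before the rule is enforced.
headerless_requests() {
  awk -F'"' '
    NF >= 7 && ($(NF-1) == "-" || $(NF-1) == "") &&
               ($(NF-3) == "-" || $(NF-3) == "") {
      split($1, pre, " ")
      print pre[1] "\t" $2
    }
  ' "$1"
}

# Build a constructed docroot and access log under directory $1.
make_sample() {
  up="$1/docroot/wp-content/uploads/2024/01"
  mkdir -p "$up" "$1/docroot/wp-content/plugins/demo"
  : > "$up/photo.jpg"
  : > "$up/avatar.php"        # should never be in uploads
  : > "$up/thumb.php.jpg"     # multi-extension name
  : > "$1/docroot/wp-content/plugins/demo/demo.php"   # outside uploads: ignored
  cat > "$1/access.log" <<'EOF'
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /wp-content/themes/demo/style.css HTTP/1.1" 200 900 "https://example.com/" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
10.0.0.5 - - [01/Jan/2024:10:00:03 +0000] "GET /status HTTP/1.1" 200 2 "-" "-"
198.51.100.7 - - [01/Jan/2024:10:00:04 +0000] "GET /wp-login.php HTTP/1.1" 200 2300 "https://example.com/" "-"
EOF
}

# Stand-alone demo: bash audit.sh --demo
if [ "${1:-}" = "--demo" ]; then
  tmp=$(mktemp -d)
  make_sample "$tmp"
  php_in_uploads "$tmp/docroot"
  headerless_report "$tmp/access.log"     # 5 3 3 2
  headerless_requests "$tmp/access.log"
  rm -rf "$tmp"
fi
```

Requests with a User-Agent but no Referer include direct visits and bookmarks, which is why the counts are reported separately.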
Key Takeaways
It costs more to run a Highly Available, Scalable infrastructure
Small sites with simple requirements should consider SaaS (e.g. wp-engine)
It’s easy to operate and manage, but challenging to implement
Use GitHub Workflow to Develop and Release Changes
Follow Software Development “Best Practices”
Most of our code is on GitHub: http://github.com/cloudposse/
Need help setting it up?
Cloud Posse can help!
Erik Osterman
hello@cloudposse.com
