Accueil / 5 Mistakes to Avoid on your Drupal Website - Number 4: Infrastructure

5 Mistakes to Avoid on your Drupal Website - Number 4: Infrastructure

Photo by Ravi Sarma - Brooklyn Bridge, CC BY 2.0

In previous articles in this series, we’ve covered the areas of architecture, security and performance. All of these aspects are affected by your infrastructure from the time of development to deployment. 

Infrastructure covers the stack your website lives on, including the server, the database and any software layers, such as Varnish or Memcached which ensure your visitors have a snappy experience. For example, planning the infrastructure from the start and developing on the same environment can greatly reduce variables and risk at launch time. Having a reliable multiple environment configuration and a solid disaster recovery plan shouldn't be left to last-minute decisions. When it is, mistakes start arising. Here's a few tips to avoid the most common errors. 

Best Practices

  • Size your stack correctly, not too large, not too small. This can ensure you're economically prepared for anything.
  • Bottlenecks can arise from the hardware or from from processes hogging memory. Check logs for errors, and prepare for growth and spikes. Your stack is only as fast as the slowest component. Focus your efforts there; you'll probably find low hanging fruit.
  • In terms of security, it’s also crucial to configure to protect from internal attacks as well as external attacks.

Size your stack properly

  • Mistake: Server's hardware capacity is sufficient but misconfigured. 

  • Example: Database server set large enough, with 48GB of memory, but InnoDb buffer pool set for only 1GB.
  • Solution: Take into account all aspects of stack configuration . Use tools such as mysqltuner.pl 
(see Recommended Tool) to analyze your database.

Let Varnish take the hit

  • Mistake: Misconfiguration causes traffic to bypass Varnish and hit the server.

  • Solution: Check response headers to ensure that pages you expect to be cached, are. Ensure that modules aren't setting session variables unnecessarily.

Avoid exposure to vulnerabilities

  • Mistake: Remote connections to the database, Memcached, or Solr are allowed.
  • Example: Assuming an external firewall will provide adequate protection, the port that runs Memcached is not protected via IPtables.

  • Solution: As many as 50 percent to 70 percent of attacks can be internal . Forbid remote connections to the database, Memcached or Solr, and maintain this configuration through any infrastructure changes.

Recommended Resources

  • MySQL tuning script: mysqltuner.pl or MYSQLTuner. It will present current configuration variables and status data for your MySQL installation, along with some basic performance suggestions.
  • You can also find out more about our Infrastructure workshops useful for operations teams new to Drupal or LAMP requirements. Especially if you're building out your own infrastructure, instead of going with a managed solution like our own hosting.
  • Recently my colleague, Cameron Tod wrote about the specifics for Drupal Multi-site Infrastructure, if you need more specifics about that configuration.

Photo by Ravi Sarma - Brooklyn Bridge (CC BY 2.0)

Commentaires

Posted on by Dave Rothfarb (non vérifié).

Thanks for the great article and helpful tips! I'll definitely be looking at MySQL tuning scripts.

Ajouter un commentaire

Plain text

  • Aucune balise HTML autorisée.
  • Les adresses de pages web et de courriels sont transformées en liens automatiquement.
  • Les lignes et les paragraphes vont à la ligne automatiquement.

Filtered HTML

  • Use [acphone_sales], [acphone_sales_text], [acphone_support], [acphone_international], [acphone_devcloud], [acphone_extra1] and [acphone_extra2] as placeholders for Acquia phone numbers. Add class "acquia-phones-link" to wrapper element to make number a link.
  • Pour publier des morceaux de code, entourez-les avec les balises <code>...</code>. Pour du PHP, utilisez. <?php ... ?>, ce qui va colorier le code en fonction de sa syntaxe.
  • Les adresses de pages web et de courriels sont transformées en liens automatiquement.
  • Tags HTML autorisés : <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <h4> <h5> <h2> <img>
  • Les lignes et les paragraphes vont à la ligne automatiquement.
By submitting this form, you accept the Mollom privacy policy.