Acquia Introduction December 9th, 2009

20 

Full text

(1)

Acquia Introduction

(2)

Agenda

1. Content Management 2. Web Application Framework 3. Architecture principles 1. Modular 2. Event driven 3. Skinnable 4. Secure 5. Accessible 4. Enterprise integration 1. Authentication 2. Content Sharing: Documents 3. Data services 4. Application service 1. Scalable 2. Performance

3. Security compliance: NIST, FISMA, HIPPA 4. Multi-lingual 5. APIs 1. Menu 2. Database 3. Session handling 4. Filtering 5. Cachable 6. Batch processing 7. Module 8. Update 9. Unicode 10. File storage

11. Locale & Language

(3)

Content management

Content is managed as a central content type called a node. Nodes are extensible by decorating them with fields.

Content features: User accounts

Customizable access and application permissions Revisions

Customizable work flows

Custom content types: CCK in D6, Fields in D7 Webforms

Aggregation: Exporting & Importing

Web based UI for management and administration

(4)

Web Application Framework

A full web application frame for building web applications Strongest when the applications are content related

Drupal implements the Presentation Abstraction Control pattern, similar to the MVC pattern

(5)

Architectural principles

Drupal was started 10 years ago. It is based on technical choices that were the best at the time.

PHP was the most effective web programming language at the time. (Facebook, Yahoo, etc)

Objects were not first class in PHP at the time. Drupal uses

many OO patterns, and makes increasing use of OO language features.

Drupal uses Aspect Oriented Programming through hooks. Principles: Modular, Event driven, Skinnable, Secure,

(6)

Modular

Drupal is modular so it is customizable and extensible.

There are some 8700 contributed projects on Drupal.org which are a testament to the importance of that modularity.

Drupal provides APIs to achieve control and override core,or contribute module behaviors.

The developer community sees the inability to customize as a bug.

Flexibility comes at a price. Loose coupling can lead to debugging difficulty issues.

(7)

Event driven

Drupal's magically named hook functions interact with events as they are triggered.

Drupal's event listener pattern is key and is similar to OO methods.

(8)

Skinnable

Functions and templates that present output to the user, and can be implemented by themes.

Drupal's presentation layer is a pluggable system known as the theme layer. Each theme can take control over most of Drupal's output, and has complete control over the CSS.

Drupal's default template renderer is a simple PHP parsing engine that includes the template and stores the output.

Skilled themers can customize the xhtml output to get the markup they need to style a site.

(9)

Security APIs

Drupal provides functions to avoid common security issues Drupal philosophy is to escape or filter when appropriate Provides check functions on output to prevent cross site scripting attacks

The database abstraction layer avoids SQL injection attacks The db_rewrite_sql function is used to respect node access restrictions.

(10)

Accessibility

Drupal 7 aims to be compliant with WCAG 2.0:

1. Web Content Accessibility Guidelines (WCAG) 2.0 http:// www.w3.org/TR/WCAG20/

2. The Eleven Most Accessible Drupal 6 Themes

http://openconcept.ca/blog/mgifford/

function_assessment_of_valid_drupal_6_themes

3. Accessibility Best Practices in Drupal Theming

http://szeged2008.drupalcon.org/program/sessions/ accessibility-best-practices-drupal-theming

(11)

Enterprise Integration

Drupal has extensive integration abilities. These integrations are based on open standards and rely on a wide variety of

mature contributed modules and APIs. 1. Authentication

2. Content Sharing: Documents 3. Data services

(12)

Authentication

Drupal supports two authentication APIs, Drupal's native authentication and OpenID.

Drupal has approximate 350 user access and authentication modules

The services module supports it's own authentication for

services including: XMLRPC, JSON, JSON-RPC, REST, SOAP,

(13)

Content Sharing

Drupal supports content import and export.

Batch imports can be done with the migration suite. Content can be imported incrementally

Content is extractable from multiple database types Imports and Exports can be done with CSV files

Content can be imported a feeds, or nodes w/ aggregation

Documents can be shared with other content repositories via the Content Management Interoperability Services

(14)

Data services

Drupal natively exposes data in standard formats xHTML, RSS, XML-RPC, XML, JSON

(15)

Web application services

Web Services module supports:

XMLRPC, JSON, JSON-RPC, REST, SOAP, AMF, etc.

(16)

Scalable

Individual Drupal sites are known to scale to 50M PVs/month Acquia has scaled sites to deliver over 5000 PVs/minute

Drupal can be scaled by segmenting services, caching, and using horizontally scaling service layers.

Search and logs can be deployed to external services

Caching: HTTP caching with reverse proxy, Memcache, Opcode caching, Page generation caches, Database caching are all

critical

Load balancers combined with Web servers scale application delivery. Drupal can use read and write databases.

(17)

Performance

Drupal performance is reliant on: CSS, Javascript, Webserver, CDN, page cache, Memcache, web server, opcode cache, PHP, Drupal, file system, database, database query optimization

Monitoring and heuristics help to identify system bottlenecks

Performance snapshot tools: Page delivery - YSlow, Database - Maatkit, Drupal - Devel module. PHP-Cache grind

Drupal has been tuned to deliver over 5000 anonymous pages a minute

Large sites like economist and drupal.org deliver sites within 0.5 seconds

(18)

Security

Drupal security team has 35 members and reviews reported vulnerabilities.

Regular core and contributed security announcements Drupal is audited by both governments and private sector. Vulnerabilities are reported to the security team and fixed. Drupal based systems are secured and deployed for federal sites, using FIPS 199, FISMA as moderate security

classification

(19)

Multilingual

Drupal 6 has localization and internationalization in core. Default language is the fallback. Use translations to deliver users preferred language, or URL based translation.

Translation efforts for modules center at: localize.drupal.org a translation service.

Translation services plug directly into Drupal and perform the service

(20)

Contact for additional questions

• 

Kieran Lal

• 

415-992-8124

Figure

Updating...

References

Updating...

Related subjects :