Multi-cloud Drupal Deployment to AliCloud: Best Practices for Synchronized Deployments to China

Submitted by jordan on Mon, 02/05/2024 - 21:48

Global enterprises face stark challenges when deploying copies of their websites to China. As proponents of open source, we have a good amount of control over choosing how to configure and deploy our website.

When one of Facet’s clients recently came to us last year with this problem, we dove into a solutions architecture that would enable multi-cloud deployments — with a centrally managed codebase and configuration management spanning controls for both sets of infrastructure. Our goal wasn’t to directly manage the application codebase on the China-hosted servers in AliCloud — but instead to systemize the process around replicating the Drupal codebase as a distribution to Coding.net such that it could be deployed to the virtual private servers.

In this article we’ll talk about the unique challenges of deploying to China, and how we envision a continuous integration and continuous deployment pipeline to overcome the complex synchronization issues and maintenance of a multi-cloud architecture.

Background

With the Great Firewall of China, all operations for deploying open source software to China must be re-evaluated. In general, your practices must evaluate the chain of deploying to uniquely opaque infrastructure:

  • Git: Where will the code repository be hosted or mirrored for deployment within China?
  • Infrastructure: Who will provision and maintain the server infrastructure? How will it be provisioned? What controls do we have?
  • Domain Registration: Who will be our partner and custodian in China to help us provision this property?

Use Cases

  1. Mirroring Pantheon hosted Drupal instance AliCloud
  2. Mirroring Acquia hosted Drupal instance to AliCloud

Why Mirror Drupal Site Config?

  • In a centralized IT service model where one group is responsible for development of an application that must serve all regions, then having a code integration and deployment pipeline that serves all regions is paramount.
  • The complexity of deploying to China may be considered high, but the management of Drupal configuration presents an inherent amount of risk that requires deep collaboration between China-based teams and those outside of China.
  • Drupal configuration tuning that must be executed to work with China-based cloud configurations need to be documented and persisted as Infrastructure-as-Code and application configuration management. All work should be communicated up stream, validated, and monitored for risk of unintended change management. Automated tools should be used to monitor the codebase for changes on both sides so that both teams are alerted if there is any drift.

Understanding the Challenges

Successful multi-cloud deployment involves overcoming several challenges:

  1. Manual Deployment Processes: Traditionally, deployments might involve manual processes, including modifying and adapting code for specific cloud infrastructures.
  2. Infrastructure Discrepancies: Differences in infrastructure across cloud hosting providers necessitate distinct configuration splits for each Drupal environment.
  3. Lack of Systematic Approach: Absence of a systematic deployment approach can lead to inefficiencies and delays, particularly in critical updates like security patches.

Architectural Solutions

To address these challenges, a structured and robust architectural solution is required:

  1. Unified Repositories: Centralizing development work in dedicated repositories and ensuring that deployment artifacts are uniformly managed across different cloud platforms.
  2. Technology Stack Updates: Regularly updating the technology stack, including PHP and MySQL versions, and exploring options for CDN and web application firewalls.
  3. Implementing Infrastructure as Code (IaC): Using tools like Terraform for provisioning while enhancing the process with proper documentation and scripts.
  4. Effective Configuration Management: Implementing configuration management with split policies to manage different considerations for the infrastructure, for example compatibility with Solr, Redis, or other connectors or libraries.
  5. Enhanced Change Management and Security: Establishing monitoring systems for codebase changes, especially those made by external partners, to manage security risks and ensure consistent quality.

Implementation Strategy

A structured implementation approach is crucial:

  1. Mirroring and Configuration Exporting: Creating mirrors of the code on suitable platforms and exporting all necessary configuration changes for each cloud environment.
  2. Central Management of Configuration Sets: Collaborating with partners to manage and maintain these configurations, ensuring awareness of future changes.
  3. Streamlined Deployment Process: Integrating the deployment to additional cloud environments as a part of the CI/CD pipeline, similar to the process used for existing cloud platforms.
  4. Staging and Review Process: Facilitating the review of merge requests and code releases through an efficient staging process.
  5. Risk Minimization: Centralized management approach to reduce the risk of regressions and maintain stability across all platforms.

Alternative Solutions

A multi-cloud deployment of Drupal may prove unnecessarily complex without appropriate uniform management of infrastructure with containerization (Docker, Kubernetes).

Some solutions such as Chinafy.com may serve as a proxy for relaying a Chinese translated version of your site within the China firewall. There are inherent risks with proxy-based translation solutions, such as bleeds, media management, and requirements for differences in site information architecture.

Conclusion and Future Directions

Implementing these strategies ensures a systematic and efficient multi-cloud deployment process, reducing risks associated with change management and deployment. The focus remains on robust code management and release processes, crucial for maintaining effective, secure, and reliable multi-cloud environments.

Feedback and further discussions are always welcome to refine and adapt these strategies. For more information or detailed discussions, feel free to comment or get in touch!