ongoing management of your php 7 application
TRANSCRIPT
1© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Ongoing management of
your PHP 7 application
Jan Burkl
Solution consulting manager
2© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Ask the PHP experts: Series
overview
Now: Ongoing management of your PHP 7 application
Oct. 11: PHP industry roundtable
Join our panel of experts in an open discussion on the latest in PHP news,
technologies, programming practices, and case studies.
3© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Presenter
Jan Burkl
Solution Consulting Manager, Central Europe
Rogue Wave Software
Twitter: @janatzend
4© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Watch the on-demand webinar
7© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Security
https://en.wikipedia.org/wiki/Security
“Security is the degree of resistance to,
or protection from, harm. It applies to
any vulnerable and/or valuable asset
[…]”
11© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Security pillars 1/2 – PHP application
• Framework
– Community
– Security policy
• Custom code
– Skillset
– QA tools
12© 2017 Rogue Wave Software, Inc. All Rights Reserved.
OWASP
• Open Web Application Security Project
• Not-for-profit
• Make software security visible
• https://www.owasp.org/index.php/Top_10_2017-Top_10
– Rejected...
– A1: Injection
– A2: Broken Authentication and Session Management
– A3: Cross-Site Scripting (XSS)
– All of the above related to development (8 out of 10 in total)
13© 2017 Rogue Wave Software, Inc. All Rights Reserved.
• (Security) Training
• Security audit
• Application audit
14© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Security pillars 2/2 - Stack
• Support for PHP
• Support for OS
– Hardened CentOS at AWS
• Support for database
• Support for container orchestration
– Docker Swarm, Kubernetes
17© 2017 Rogue Wave Software, Inc. All Rights Reserved.
PHP 7 is fast
0
100
200
300
400
500
600
Magento 1.9 Drupal 7 WordPress 4.1 ZF2 Laravel
PHP 5.6 PHP 7
Requests per Second
18© 2017 Rogue Wave Software, Inc. All Rights Reserved.
PHP 7 is
fast
https://engineering.tumblr.com/post/152998126990/php-7-at-tumblr
19© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Two questions
• Is your app scalable?
– Maybe you know
– Architecture audit
• When to scale?
– Monitoring
• Zend Server
22© 2017 Rogue Wave Software, Inc. All Rights Reserved.
(More than) Compute power
• Virtual machines?
• Cloud? (AWS, Azure, Google, ...)
• Container? (Docker, Rocket, ...)
28© 2017 Rogue Wave Software, Inc. All Rights Reserved.
First step - Monitoring
Left shift XDebug Z-Ray XHProf
Infrastructure monitoring
Nagios Monit Munin
App monitoring
Code tracingZend Server monitoring
rulesELK
30© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Be careful with diagrams 1/3
db_exec()812 ms
ws_call()336 ms
render()145 ms
helper()17 ms
translate()12 ms
user()10 ms
permission()8 ms
31© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Be careful with diagrams 2/3
db_exec()36 ms
ws_call()336 ms
render()145 ms
helper()17 ms
translate()12 ms
user()10 ms
permission()8 ms
32© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Be careful with diagrams 3/3
db_exec()36 ms ws_call()
8 ms
render()145 ms
helper()17 ms
translate()12 ms
user()10 ms
permission()8 ms
35© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Caching
• OpCode Cache
• Data Cache
– Zend Server Data Cache
– Memcache
– Redis
• Page Cache
– Zend Server Page Cache
– Varnish
36© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Job Queue
• Parallel execution
• Run scripts offline
• Run scripts on other systems
• Distribute the load – space and time
38© 2017 Rogue Wave Software, Inc. All Rights Reserved.
“We wanted to be able to
scale up and sell other
services on the same
foundation, not just build
telecom functionality.”
Youri Treur
director e-commerce and support at Simpel
40© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Dev, DevOps
• Application migration
• Framework migration
• Tests
• Tools
• OS upgrade
• Best practices
Management
• Time-to-market
• Reduce risk
• Minimize costs
41© 2017 Rogue Wave Software, Inc. All Rights Reserved.
“Being a game changer is all
about time to market. This
means having efficient
change management, being
flexible as a company [...].
Finding suppliers that are the
best at what they do helped
us do this.”Kai Stevens, Enrise
44© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Watch the on-demand webinar
47© 2017 Rogue Wave Software, Inc. All Rights Reserved.
Stay tuned
Oct. 11: PHP industry roundtable
Join our panel of experts in an open discussion on the latest in PHP news,
technologies, programming practices, and case studies.
Register now.