Host your own Content Management System

One of the Internet’s most widely used or deployed solutions is a Content Management System. A content management system is a system that allows you to publish and share content on the Internet. There are many solutions out there that will allow you to achieve this. To make it easier to understand, I’ve created the four categories below:

  1. SaaS platform – Make use of a solution such as Medium or Ghost. If it’s more technical then maybe GitHub Pages will work.
  2. External hosted – Make use of what your Internet Service Provider might provide you with – most of the time they use software such as cPanel or a SaaS version of WordPress.
  3. Custom built – Custom building your own content system – the developer way.
  4. Hybrid – A combination of points 2 & 3 – Deploy a package and have it hosted on infrastructure.

Due to being an enthusiast I opted for option 4 – This allows me to tinker when I need to but also within certain guidelines. The thinking for that is depicted below:

There is a goal – publishing of information that pertains to solution architecture onto the internet.

There are requirements – It has to be accessible and secure.

There are constraints – There needs to be continuous learning around the solution. Not too much time can be spent looking after the solution.

The driver for all of this stems from wanting to share technical information.

Overall concept view

Simplistically I’ve used the following conceptual view as a guide:

The diagram reads (from left to right) a user (02) or myself (01) accesses a device (03) (either mobile device, laptop, desktop, etc) using a browser to connect to a website (05) on the internet (04). There are a couple of processes that I would need the website to fulfill such as Content publishing, Administration, Viewing of Content and so on.

This view is not a flow diagram; it is a conceptual view that would normally be used to simply describe what I want the solution to portray – here as few technical systems as possible should be used. One of the reasons is that if, for instance, we replaced the Website collaboration component with the actual system, such as WordPress, and later had to change the system, we would need to update the diagram. Updating the diagram is not the issue; what has been portrayed is. Website might be seen as “WordPress” only, which is not the case. We thus lose a level of abstraction and would then need to re-communicate and re-educate stakeholders on the reasoning.

The landscape we’re dealing with

In order to get a better view of the components we will need to put together for a solution, we need to understand the landscape we’re working with. The best way to do this is usually through a reference architecture. This would be all components of the solution rolled up to capabilities. I couldn’t find a concrete authoritative view on what reference architecture could be used here – my assumption is that because CMS platforms are so widely used and adopted it’s probably not an issue. Also, most CMS platforms come with a variety of plugins and 3rd party providers that integrate directly with the CMS.

I’ve gone and put together what I would normally see from a CMS solution in the landscape view below:

In this view I’ve grouped every component into a capability that would be needed for the solution.

Another point to note is that the 3 components greyed out are not scoped for now.

Focusing on what’s needed for the solution I came up with the following list:

Most of the components that I’ve chosen are based on open source software or free tier versions of the software provided.

The view now looks like this:

Costing and licensing

The cost of the solution is based on the following:

Infrastructure on Azure – If you want to experiment on Azure there is a 12 month free tier available. I’ve passed my free tier access years ago and therefore have a paid pay-as-you-go subscription. The following resources make up the costing on Azure:

  1. Networking – Azure DNS, Virtual Network and some bandwidth.
  2. Backup Vault – I have daily backups running for the virtual machine; in the case of a failure I’m able to restore data from at minimum a day old.
  3. Public IP Address – A dedicated public address – this is used to associate the IP with the DNS provider.
  4. Storage – This is the virtual disk where the data is stored.
  5. Virtual Machine – The actual virtual machine where the CMS component is being hosted on.

The accumulated costing for the Azure infrastructure comes in at between R400 – R500 a month. On the face of it, this might look pricey, but I opted for a B1ms Virtual Machine with 1 vCPU and 2 GiB of memory because I added another 2 instances of WordPress to this machine. The daily costing works out to about R18 a day to run and operate 3 WordPress websites.

Bundled as well with the Azure subscription is access to a free tier with SendGrid. This free tier allows you to send 100 emails every day for the lifetime of the Azure subscription.

DNS on Afrihost – The monthly charge for the domain is R39 through Afrihost, plus a re-registration fee of about R190 on an annual basis.

The other components are all free however they do have paid for versions.

The total cost then works out to something just under R550 per month to host. There are cheaper solutions – this works for what I want to do.

What we’re dealing with, logically

Now that we’ve figured out what we conceptually want to achieve, what the landscape is and, more or less, what the costing is, we can move on to the logical architecture.

This view gives us an understanding of all the components and how they will logically interact with each other. Note this is still considered a high-level view as the components have been rolled up into single apps/platforms/systems. Flow interaction is as follows:

Deep level Tech

Of all the components, the most important is the cloud infrastructure and how the cloud virtual machine is configured. Here it makes sense to dive deeper into what is needed at a technical level.

An interesting note, Azure does provide a diagrammatic view of your cloud architecture. This is the view provided based on the current setup:

For a quick glance, that view will work but for what I need I’d prefer a view that resembles what I understand with everything I need in one picture.

Below is a listing of the components – This is focused on the Azure cloud implementation only.

Of all the Azure services available, a special mention must be made of the Recovery Services Vault. Something that is often overlooked is the recovery of a solution. In this case, losing all the data and information is probably negligible – but seeing that this website’s main reason for existence is good architecture, having a backup is key, or rather a must. I’ve opted for the easy route and for now just have a daily backup of the entire virtual machine.

Other components to the solution that required configuration were:

Cloudflare – Cloudflare Dashboard https://dash.cloudflare.com

The name servers are required to be configured and set up to point to Cloudflare. Besides offering to absorb traffic when there are Distributed Denial-of-Service (DDoS) attacks – and there are a lot – it also offers website and page level caching.

Afrihost – Afrihost ClientZone https://clientzone.afrihost.com/en/

Afrihost has a separate ClientZone where the name servers will need to be changed from Afrihost to Cloudflare. This is a simple process as Cloudflare provides a step-by-step guide on how to do this. This is also where the Azure cloud Public IP will be linked.

Azure – Azure Portal https://portal.azure.com/

This is where all the work for Azure is done if you’re using the Azure cloud portal.

SendGrid – SendGrid App https://app.sendgrid.com

This URL actually won’t work but I’ve added it here anyway. The way you access SendGrid’s free tier from Azure cloud is to activate it on your subscription. From there within the portal you have to click through to SendGrid and it uses SSO sorcery to link the free tier to the Azure account you use.

Let’s Encrypt – ACME API https://acme-v02.api.letsencrypt.org/

The Let’s Encrypt ACME API is actually best accessed through the Certbot App that is installed on Ubuntu Linux. There is a step-by-step process that guides you on how to enable the certificates and renewal process. Here you’ll have to SSH into the virtual machine and set it up from Ubuntu’s package manager.
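Once Certbot is set up, it is worth confirming that renewal keeps working without logging in to look. The script below is an added example, not code from this setup: it classifies a certificate by time remaining and reports its issuer. The function names, the 30-day `WARN_DAYS` threshold and the sample certificate are assumptions made for illustration. If Cloudflare proxies the site, a plain check by hostname sees Cloudflare's edge certificate, so `connect_to` lets you point the check at the VM's public IP to see the certificate installed on the origin.

```python
import socket
import ssl
import sys
import time

WARN_DAYS = 30  # assumed alert threshold; tune to your renewal schedule

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns.
SAMPLE_CERT = {
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Let's Encrypt"),),
               (("commonName", "constructed-intermediate"),)),
    "notAfter": "Jun  1 12:00:00 2025 GMT",
}

def fetch_cert(hostname, connect_to=None, port=443, timeout=5):
    """Fetch the validated certificate served for `hostname`.

    connect_to: optional origin IP. The TLS handshake still uses `hostname`
    for SNI and verification, so the origin must present a valid certificate.
    """
    ctx = ssl.create_default_context()  # verifies chain and hostname
    with socket.create_connection((connect_to or hostname, port), timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()

def issuer_org(cert):
    """Return the issuer's organizationName, or None if absent."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None

def assess(cert, now=None, warn_days=WARN_DAYS):
    """Classify a certificate as 'expired', 'renewal-due' or 'ok'."""
    now = time.time() if now is None else now
    left = ssl.cert_time_to_seconds(cert["notAfter"]) - now
    if left <= 0:
        status = "expired"
    elif left < warn_days * 86400:
        status = "renewal-due"
    else:
        status = "ok"
    return {"status": status, "days_left": int(left // 86400), "issuer": issuer_org(cert)}

if __name__ == "__main__":
    # With a hostname (and optional origin IP) do a live check; otherwise
    # assess the constructed sample so the script also runs offline.
    cert = fetch_cert(*sys.argv[1:3]) if len(sys.argv) > 1 else SAMPLE_CERT
    print(assess(cert))
```

A "renewal-due" result that persists for more than a day or two is the signal that the scheduled renewal on the VM has stopped working.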

All in all, we have a good solution architecture overview of how to host your own Content Management System.