Cloud ready CMS
If you are serious about cloud, take a deeper look into Neos CMS.
It was built for the cloud as its main habitat.
Its decoupled architecture is predestinated to make it run with
distributed services, non-persistent file systems and of course scalability.
Cloud essentials
But what does "cloud readiness" mean?
Operating a CMS in the cloud can be quite intricate, especially with a containerized setup.
From our experience, there are some issues to be tackled for the benefits to be fully gained.
Of course, cloud first and foremost attribute to scalability. But with scaling several problems arise that you need to adress.
Think about sharing your file system across containers, logging, metrics etc. Let's see how Neos deals with those challenges.
Sharing files across instances should be avoided by any means. Every single instance must be self-contained and independent. Cloud also implies that you have no persistent file system ready, thus you work with Environment Variables rather than a set config.
With Neos, these problems are solved - asset management is loosely coupled and there are many adapters to be used, also read-only.
Your plugins dont need to know anything about this fact.
In an ephemeral environment, knowing where exactly an error occured is the foundation for proper operation and debugging. With Neos you can take care about logging across your instances since it is completely PSR-3 compatible and can be used with proper backends, e.g. JSON for your ELK-stack or services like papertrail.
Neos usually logs to files and allows to configure the log levels. Alternatively, Neos supports Graylog, Monolog, Sentry and PSR-3 and can provide Metrics to Prometheus.
Neos offers a variety of modern web microservices which make it a perfect fit for modern (progressive) web applications combined with static marketing content. Starting with authentication (oAuth2, openID Connect), its PSR-7 compatible HTTP Stack and RESTful APIs and GraphQL, it scores with many developers today.
Managing security in the cloud is something that has to be taken care of, otherwise the potential attack surface is much wider than usual, since the repeat factor also repeats vulnerabilities. This is true for your environment, but also for your application. Neos gives you a very defensive security framework that asks for explicit allowance for every method and has input validation in place.
If you have the chance, you can decouple services in Neos. There is a host of functions that can be run on different nodes. This holds true for Elasticsearch, Redis, MessageQueues, Mails - and even metrics that help monitoring your systems. All this can be decoupled from your actual Neos environment and run on different nodes. The upcoming Event Source Content Repository offers another cloud-friendly decoupled service.
JobQueue
Conclusion
Operating a CMS in the cloud is challenging. Neos gives you a wide variety of solutions and it feels at home in the cloud.