Cloud ready CMS

If you are serious about cloud, take a deeper look into Neos CMS.
It was built for the cloud as its main habitat. 
Its decoupled architecture is predestinated to make it run with 
distributed services, non-persistent file systems and of course scalability.


Cloud essentials

But what does "cloud readiness" mean? 
Operating a CMS in the cloud can be quite intricate, especially with a containerized setup.
From our experience, there are some issues to be tackled for the benefits to be fully gained.

Of course, cloud first and foremost attribute to scalability. But with scaling several problems arise that you need to adress. 
Think about sharing your file system across containers, logging, metrics etc. Let's see how Neos deals with those challenges. 


File System
File System

Sharing files across instances should be avoided by any means. Every single instance must be self-contained and independent. Cloud also implies that you have no persistent file system ready, thus you work with Environment Variables rather than a set config.
With Neos, these problems are solved - asset management is loosely coupled and there are many adapters to be used, also read-only. 
Your plugins dont need to know anything about this fact.

Cloud Storage Support
The "StorageInterface" integrates external storage without any difference for the editing workflow. Implementations exist for "Amazon S3" and "Google Cloud Storage".
Cloud / Container Ready
Neos is well prepared to run in a cloud environment. Especially it supports configuration via Environment-Variables and Cloud-Storage. In the community, there is lots of experience to run Neos in Kubernetes or Heroku/Dokku.
Cloud Storage Integration
With the Nextcloud asset source you gain direct access to all your files stored in your private cloud from the media module.
Asset Sources
External Assets can be integrated via "AssetSourceInterface". This allows to connect DAM-Systems as well as Media Libraries.
Logging and Errors
Logging and Errors

In an ephemeral environment, knowing where exactly an error occured is the foundation for proper operation and debugging. With Neos you can take care about logging across your instances since it is completely PSR-3 compatible and can be used with proper backends, e.g. JSON for your ELK-stack or services like papertrail.

Logging & Monitoring

Neos usually logs to files and allows to configure the log levels. Alternatively, Neos supports Graylog, Monolog, Sentry and PSR-3 and can provide Metrics to Prometheus.

PSR 3 - Logging
The logging functionality in Flow implements the official PSR-3 logging interface, therefore making it more standards-compliant and reusable.
Microservices
Microservices

Neos offers a variety of modern web microservices which make it a perfect fit for modern (progressive) web applications combined with static marketing content. Starting with authentication (oAuth2, openID Connect), its PSR-7 compatible HTTP Stack and RESTful APIs and GraphQL, it scores with many developers today.

PSR 7 - HTTP Message
Flow implements the PSR-7 HTTP message interfaces.
Authentication Providers
Neos has built-in authentication via http-basic or login-form. Additional authentication providers allow to connect Neos to external authentication services like LDAP and OAuth2.
Authentication Server
Authenticate and authorize users and services against your Neos user base with a standard compliant OAuth2 Server.
REST
The underlying Neos.Flow framework has a ready-to-use base implementation for Rest controllers.
GraphQL
GraphQL is an open source query and manipulation language that can be used to access data from the Neos content repository.
Security
Security

Managing security in the cloud is something that has to be taken care of, otherwise the potential attack surface is much wider than usual, since the repeat factor also repeats vulnerabilities. This is true for your environment, but also for your application. Neos gives you a very defensive security framework that asks for explicit allowance for every method and has input validation in place.

Security Framework
The security section of the Neos.Flow framework takes care of protecting access, authenticate users and fending off attacks.
Decoupling
Decoupling

If you have the chance, you can decouple services in Neos. There is a host of functions that can be run on different nodes. This holds true for Elasticsearch, Redis, MessageQueues, Mails - and even metrics that help monitoring your systems. All this can be decoupled from your actual Neos environment and run on different nodes. The upcoming Event Source Content Repository offers another cloud-friendly decoupled service.

JobQueue

Resource intensive tasks can be performed asynchronously. Queue Backends for Redis, Beanstalkd, DB and others are available.
ElasticSearch
A powerful search plugin based on "ElasticSearch" is available that offers maximum control over indexing and result prioritization.

Conclusion

Operating a CMS in the cloud is challenging. Neos gives you a wide variety of solutions and it feels at home in the cloud.