Tag Archive for Photon

Maximising WordPress Blog Performance with Free CloudFlare CDN

Free WordPress CloudFlare CDN

Just a quick update on a handful of changes I have made / am making to the site, the first of which is hopefully pretty obvious from the post title! I have been meaning to add a CloudFlare CDN to my WordPress site for a very long time, but like all things which involve a bit of complexity and time to implement, I’ve been putting it off!

My blog was recently suffering quite a few issues caused by the performance of my site host (possible news on that upcoming in the next few weeks). I wanted to both mitigate their performance problems, and generally reduce page times to my site as part of my recent efforts to improve SEO for the site. As many of you may know, Google rank sites higher if they have page load times under about 2000 ms (or 2 seconds to us human folk!)

There are many ways to improve site performance in WordPress, but the one with then biggest impact is to introduce a CDN.

So what is a CDN?

If you haven’t heard of a CDN before, it’s a pretty simple concept. You start by registering DNS for your domain with the CDN provider. After this they sit inline and intercept inbound all requests for content from your site (e.g. images, javascript files, static html, etc) and deliver them from local caches logically and physically closer to the requesting browser. Most CDN providers will have these caches (or POPs aka Points of Presence) all over the globe.

This reduces both outbound bandwidth and server resources used on your web server (otherwise known as an Origin Server), leaving it to get on with serving up dynamic content only. (Yes, technically they can also serve dynamic content, but let’s keep it simple for now!)WordPress CDN CloudFlare Free

Why CloudFlare, and who are the alternatives?

For WordPress blogs, there are a number of well-known alternatives you could choose from (assuming you have little to no budget).

  • WordPress project Photon
    • Built into the Jetpack, this will cache much of your content to the WordPress cloud servers. This seems to improve performance a bit, but it’s not perfect. The great thing is that it’s insanely easy to enable, with just one check box. Zero hassle implementation!
  • Amazon CloudFront
    • If you are using AWS, this is a great option, and it’s pretty cheap at about 8-12p per GB of content delivered. You also get 2 million requests and 50GB per month free for the first 12 months on the AWS Free Tier.
  • Imperva Incapsula
    • If you want the ultimate WAF, I highly recommend this. Their pricing is a bit out of my league for this feature on a personal blog though, so at the free or low cost tiers, CloudFlare worked better for my budget! Ironically if you then move to an enterprise support tier (e.g. for a company site), they are very keenly priced vs some of their competitors.
  • CloudFlare
    • Superb free and “pro” tier features. Even at free tier you get free SSL, DDoS mitigation and CDN included!

I obviously went for the latter as it gives me options later on, to upgrade to a cloud-based WAF (Web Application Firewall), for a very reasonable price of only $20 per month. This is particularly useful if you are not so good at regularly updating WordPress or plugins as it will protect many of the most common SQL injection or XSS attack types.WordPress CDN CloudFlare Free

What issues did I have implementing CloudFlare?

So far the switch has been pretty easy and smooth, there were just a few considerations, one of which I have resolved, the others I am still working on.

Firstly, CloudFlare is a pure DNS and CDN provider, they do not provide email hosting or forwarding services as standard. By moving my DNS from my existing provider (ZoneEdit) I lost the email forwarding functionality (I’m lazy and just use a catch-all for the domain). Fortunately I found an article by Chris Anthropic on using MailGun as a free alternative.

Second, I am keen to utilise CloudFlare’s free SSL encryption. I have been messing around trying to get either Flex or Full mode working, but have run into a few problems, which I will probably document once resolved! As far as I can tell this is more down to WordPress than CloudFlare!WordPress CDN CloudFlare Flexible SSL

orWordPress CDN CloudFlare Full SSL

In the mean time, if you go to the HTTPS version of my site you will likely get a few cert errors. These mainly seem to be caused by some objects within pages being HTTP and some HTTPS. This is something I hope to have resolved soon!

Lastly, the massively improved page load times have (as per the theory of constraints) uncovered the next bottlenecks in my system, which mainly seem to revolve around certain plugins I’m using for WordPress. If you want to check your own blog, simply open Chrome developer tools, navigate to the Network Tab, then refresh one of your pages for a very useful picture of the load times on your pages and every object within them:WordPress CDN CloudFlare Free

The Result

So what is the result of all this effort? I seem to have reduced my average page load time down from 5-10 seconds, into the 2.5-3 second range for most pages, and much of that is background loading (i.e. most content appears almost instantly)! I will be working on those plugins to try to get everything under the 2000ms time frame over the next few weeks…

If you aren’t already using a CDN for your WordPress blog (other blog providers are available!), I highly recommend you check out CloudFlare!

Index of Tekhead.it Blog Posts on Docker and Containers

Docker Logo

Hard to believe I wrote my first blog post on Docker in September 2014! Life moves pretty fast. If you don’t stop and look around for awhile, you could miss it! 🙂

The regularity with which my posts are likely to feature Docker or other container technologies is increasing quickly, so I thought it was worthwhile indexing all of the current posts and providing an updated list as this grows. Hopefully, this should make them easier for people to find!

Docker HOWTO Series
Tips and Fixes
Random Posts

Just in case I forget to keep this page updated:
http://tekhead.it/blog/category/docker-2/

docker and container posts

VMworld Europe 2015 Day Three Roundup

Day three was quite simply Cloud Native Apps day for me!

I began in the morning with an internal partner briefing with some of the guys in the CNA team. Needless to say this was really interesting and for me it was a total nerdgasm! I did get a real sense that VMware are certainly not planning to get left behind in this new era, in fact far from it as some of their future plans will push the boundaries of what is already bleeding edge today. For the Pratchett fans amongst you, I would suggest that we are indeed living in Interesting Times!

Immediately following this I legged it down to Hall 8 for the CNA panel session, hosted by VMware CTO Joe Baguley, and featuring some regular faces from the London VMUG including Robbie Jerrom and Andy Jenkins. One of the interesting discussions which came up was about DevOps. DevOps is a nice vision, but developers today understand code, point them at a faulty storage array and they will look at you blankly… There is a skills gap there!

If the entire world is expected to become more DevOps focussed, Infrastructure will have to become a hell of a lot easier, or everything will need to just move to the public cloud. The reverse holds true of course, point most infra guys at something much more complex than a PowerShell / Bash / Perl script and you’re asking for trouble.

A true DevOps culture will require people with a very particular set of skills. Skills they have acquired over a very long career. Skills that make them a nightmare for… (ok I’ll stop now!).

Next was a wee session on the performance of Docker on vSphere. This actually turned out to be a stats fest, comparing the relative performance of Docker running on native tin and virtualised. The TLDR for the session was that running docker in a VM provides a minimal overhead to most things. Slightly more impact on network latency than other resources, but depending on the scale out nature of the solution it can actually perform better than native due to optimal NUMA scheduling.

Consider requirements over performance when looking at how to roll out your container platform. If you are running to performance margins of sub 5-10% on any resource then you have under-designed your infrastructure!

The final session of the day (INF5229) was actually probably my favourite of the whole week. If this is released on youtube I recommend you catch it above any other session! Ben Corrie (Lead Engineer on Project Bonneville) took us through a clear and detailed explanation of the differences between running Docker on Linux inside of a standard VM compared to running vSphere Integrated Containers and Photon.

After a quick overview of some of the basics, Ben then proceeded to do several live demos using a one day old build, inside of his Mac Mini test lab (with he appropriate nod given to Mr William Lam of course)! I’m convinced he must have slaughtered many small animals to the gods of the Demos, as the whole thing went off without a hitch! Perhaps Bill Gates could have done with his help back in 1998!

Most importantly, Ben showed that via the use of vSphere Integrated Containers, you are no longer limited to simply containerising Linux, and the same process can be applied to virtually any OS, with his example being MS-DOS running Doom in a container!!! When cloning Windows VMs, the same technology will be used as last year, which enables the ability to generate a new SID and do a domain join almost instantly.

It’s also worth noting that this is not based on the notoriously compromised TPS, and is all new code. Whether that makes it more secure of course, is anyone’s guess! 🙂

MS-DOS Container under Docker and VIC, running Doom!

MS-DOS Container under Docker and VIC, running Doom!

Once the sessions were all done for the day I wandered down to the Solutions Exchange for the annual “Hall Crawl”, where I was admiring Atlantis Computing CTO Ruben Spruijt’s Intel NUC homelab, running in a hyper converged configuration. The only negative I would suggest is that his case is the wrong way round!

IMG_0103

The day finished off with the VMworld party, and a great performance from Faithless on the main stage. As a Brit, this was a great choice, but I did see a few confused faces from many of our EU counterparts, at least until Insomnia started playing!

Day Three QotD

Robbie Jerrom produced Quote of the Day for me on the CNA panel (which was where my Quote of the Event came from, but more of that later). It is very simple but succinct in getting across a relatively complex subject:

A micro service does one thing, really well.

 

VMworld Europe 2015 Day One Roundup – Partner Day

Well it has to be said that day one went off with a bang this year indeed (not least due to all the buzz about the Dell / EMC acquisition)!

Having arrived late on Sunday night, we still made it into the Fira Gran Via for 8.30am on Monday morning to register, have a wander round and hit the Hands on Labs before they started to get busy. I immediately got stuck into HOL-SDC-1630 Cloud-Native Apps: Bringing Microservices and Containers to the Software-Defined Data Centre. As the buzz on the street at this years event is all about Cloud Native Apps, I suspect this one will feature in the top 10 labs by the end of the week! For those people not attending VMworld, you should be able to get access to it soon after the event at http://labs.hol.vmware.com.

First lab out of the way, I headed along to Hall 8 for some of the partner event sessions. Obviously I can’t go into masses of detail but suffice to say that the first session was delivered by the inimitable orator, Joe Baguely on the subject of CNA. For me, he really brought things in to focus as he explained that his teenage daughter was already onto her 3rd bank, with the most recent being chosen based on the quality of the mobile banking app provided with her account. This really brings home the idea that many of the older companies around today need to start innovating, soon, or risk becoming irrelevant to the next generation!

After a pretty decent bit of lunch Chris Crafford talked us through some considerations and approaches for transforming legacy apps into something which looks a bit more cloudy / microservice-y. The key takeaway from this session for me was not to try to boil the ocean and redevelop your entire legacy application in one go unless you absolutely have to. Rather think about adding new features driven by business requirements and targeting existing performance bottlenecks using microservices instead, That way you can start to see more immediate benefits to your applications without running the risk of a massive redevelopment falling flat on its face!

My last session of the day was from Andy Kennedy, on the subject of “Factors to Consider as Part of a Holistic Security Architecture”. In summary this session gave some great insight into some of the challenges currently face in traditional security designs, and how NSX can help to solve them, with a liberal sprinkling of candour as to where NSX may not meet every requirement, and in those situations how to augment solutions with third party products. A refreshing view indeed! We also got a little insight into some of the announcements coming this week on the NSX front – interesting times indeed!

Finally I spent the evening catching up with new and old faces alike, at the VMware vExpert event at the Elephant bar & restaurant. The atmosphere was excellent, with many great conversations to be had. One of the most interesting to me was with CEO and co-founder of RuneCast, VCDX 74, and all round nice chap, Stanimir Markov. His company has come up with an idea which seems so incredibly simple I don’t know why nobody thought of it first, but these guys did and with any luck they will be very successful indeed!

Put simply, my understanding is that they monitor all of the latest KB articles from VMware, then via the use of their analyser appliance, they scan your environment configuration and logs to check whether you are potentially impacted by any emerging issues, faults or threats. This allows you to then mitigate them before they occur. What a great idea! If you want to find out more about them, I believe they have a booth at the Solutions Exchange, or you can check them out at https://www.runecast.biz. Well worth a conversation indeed, I’d say!

Anyway it’s getting late, so I’ll simply sign off with my favourite quote of the day today, curtesy of Mr Kennedy, which frankly sums up the optimum approach to IT Architecture IMHO:

A simple solution deployed well is far more effective than a complex solution deployed badly.

%d bloggers like this: