What are Barracuda Aegir, Octopus and the LANMP Stack?

I would like to preface this article with credit to the author, omega8cc, and to the aegir team, http://aegirproject.org/.

omega8cc offers full barracuda aegir and "mini-vps" hosting, if you are looking to have it hosted for you, and want to make you own sites, I recommend that service. I am only hosting sites I'm directly involved with building at this point.

What is Aegir?

Aegir is a website hosting system for Drupal. From their site, "The Aegir hosting system allows developers and site administrators to automate many of the common tasks associated with deploying and managing large websites. Aegir makes it easy to install, upgrade, deploy, and backup an entire network of Drupal sites.".

Aegir typically runs on the LAMP stack, Linux/Apache/MySQL/PHP.

What is Barracuda Aegir?

Its a highly automated install script for Aegir, Nginx, MariaDB and PHP on Linux. LANMP stack ;) One may register a domain, get a VPS running Debian/Ubuntu somewhere, and then run this script to get a fully functionally host system set up. It also installs Apache SOLR for searching, Webmin, CSF Firewall, and some other useful tools for server administration that are tested and preconfigured. Its basically a way to get started in your understanding of "what it takes" to successfully host client sites (or maybe just your own).

To get it, go here: https://github.com/omega8cc/nginx-for-drupal

Why would I use Nginx and MariaDB instead of Apache and Mysql?

That's a great question.

The first question of web servers is answered here:

http://www.wikivs.com/wiki/Apache_vs_nginx - some notable quotes,

"nginx is faster at serving static files and consumes much less memory for concurrent requests:

because Nginx is event-based it doesn't need to spawn new processes or threads for each request, so its memory usage is very low
— A little holiday present: 10,000 reqs/sec with Nginx!

Wordpress.com has found nginx to be the only load balancer able to handle 8000 live traffic requests per second.[6]"

The second question of database servers is addressed here:


Some quotes, "For all practical purposes, MariaDB is a binary drop in replacement of the same MySQL version (for example MySQL 5.1 -> MariaDB 5.1). What this means is that:
Data and table definition files (.frm) files are binary compatible.
All client API's, protocols and struct's are identical.
All filenames, binaries, paths, ports, sockets etc should be the same.
All MySQL connectors (PHP, Perl, Python, Java, MyODBC, Ruby, MySQL C connector etc) works unchanged with MariaDB.
The mysql-client packages works also with the MariaDB server."

"Speed improvements
There are some improvements to DBUG code to make its execution faster when debug is compiled in but not used.
We have eliminated/improved some not needed character set conversions. Overall speed improvements is 1-5 % (according to sql-bench) but can be higher for big results sets with all characters between 0x00-0x7f.
Our use of the Aria storage engine enables faster complex queries (queries which normally use disk-based temporary tables). The Aria storage engine is used for internal temporary tables, which should give you a speedup when doing complex selects. Aria is usually faster for temporary tables when compared to MyISAM because Aria caches row data in memory and normally doesn't have to write the temporary rows to disk.
The test suite is extend and now runs much faster than before even if it tests more things."

What is Octopus?

Octopus is a script that rolls out another Aegir instance that can auto-deploy 10+ Drupal platforms, provide sFTP/SSH access with limitations to a client, on another IP address if necessary. Its a way to segregate sites and give your clients their own "mini-Aegir", or "Mini-VPS". Useful for people who want to self-manage, and are capable of using Drush commands and know why they are useful.

Is Aegir an attack Vector for your Drupal sites?

Security is made through effort and care, its never a "given". Aegir has an admin account with a login and password just like anything else. As long as you use secure passwords, and configure the default firewall to block malicious activity, you should be fine. You should be checking your logs, and keeping your software up to date, of course, as Aegir is based on Drupal (a site is a node), so it shares the same vulnerabilities. So, if you believe Drupal is secure, Aegir should get the same credit. If someone gains access, they would have the possibility of shredding the sites you host. However, if you take proper precautions and make backups offsite (say to Amazon or another VPS) then this risk is mitigated.

Anything on the stack is also a possible attack vector, so please make sure your Nginx, MariaDB and Linux OS are also up to date. Security is earned!

Are bug reports difficult to explain using this weird Nginx/MariaDB stack?

Nginx problems can be reported here: http://groups.drupal.org/nginx and Aegir problems here: http://groups.drupal.org/aegir-hosting-system
Drupal 7 also announces support for Nginx server officiallly.
You can also login to IRC #aegir and talk to the crowd, or file a bug report at: https://github.com/omega8cc/nginx-for-drupal/issues/

To date, there are no bugs that are caused by MariaDB, views/cck/panels and nearly every module I've used worked just great. Of course its anecdotal evidence, but if there does happen to be a problem you'd be surprised how much traction this stack is getting.

I hope this is an informative post to anyone who is curious in S. Oregon about why they might use Barracuda Aegir/Octopus. Its really a great way to test out "all that is Drupal", even if you just use the LAMP stack for Aegir.