What's the best approach for managing multiple sites for an enterprise Drupal roll-out? What are the factors to consider? This post will be an evolving exploration of the question, with, hopefully, some clarity on the tail end.
My personal involvement in this discussion had a piece-meal approach, as my company was deploying single sites at a time (though we've done multi-site in the past) Aegir had some appeal but the cost of introducing it into a system for different clients was a first blush unwarranted and inefficient.
The Goal: hosting and managing multiple Drupal-based sites
- Does not compromise remote server security
- Reduce the complexity and increase the efficiency of managing common code across divergent applications
- Reduce the costs associated with hosting, such as multiple domains and multiple workflow sites
- Minimize the impact of keeping Drupal core and modules current without impact site form and function
Strategic considerations: several mainstream approaches to managing multiple sites:
- Drupal Multisite (a "core" feature of Drupal)
- The community project Aegir
- The commercial Droptor project
- Pantheon's commercial "Zeus" product.
- Puppet "malclocke" discusses his puppet-based workflow here.
The Associated Problems
Multisite vulnerability: a single point of failure;
- One site is consuming asymmetric resources,
- Buggy code affecting all sites
- What factors impact running update.php across multisite sites?
- All subsites share all modules present in sites/all/modules
- A malicious coder can access sensitive information shared across sites, such as browse the files of other MS sites or access the settings.php files, getting database connection information, and db dumps as well. There's a good discussion of that matter here.
- Complexity of deployment
- Complexities increases as each site diverges from initial spec
- Requires root access to remote servers
- Best for monolithic deployments
- Reliance on a third-party for a core service
- A step removed from the community
Apache memory and performance issues:
- Multisite hosting x sites on a single apache instance
- Makes good use of shared code
- Updating one drupal root updates all sites
- Mutliple vhost sites on a single server instance
- Multiple vhost sites spread across mutliple server instances
- Must push updates to all sites
- Each site only has needed modules
To be continued…
Dan Powell, offline, suggests that Aegir 2.0 + Drupal 8 may make significant headway towards keeping remote changes locally synced.