AEM in Cloud

In the world of digital marketing today, providing a quick, secure, and seamless experience is crucial. A quicker time to market might be a differentiation, and it is crucial to reach a larger audience across all devices. Businesses are relying on cloud-based solutions to increase corporate agility, seize new opportunities, and cut costs.

Managing your marketing content and assets is simple with AEM. There are many advantages to using AWS to run AEM, including improved business agility, better flexibility, and lower expenses.

AEM & AWS a Gift for you:-

We knows about AEM as market leader in the Digital marketing but AWS is having answer for almost all the Architectural concerns like global capacity, security, reliability, fault tolerance, programmability, and usability.

So now AEM become more powerful with the power of AWS and gaining more popularity than the on-premises infrastructure.

Limitless Capacity

This combination gives full freedom to scale all AEM environments speedily in cost effective manner, addition is now more easy, In peak traffic volume where requests are very huge or unknown then AEM instance need more power or scaling . Here friend AWS come in to picture for rescue as the on-demand feature allows to scale all workloads. In holiday season, sporting events and sale events like thanks giving etc. AWS is holding hand of AEM and say

"Hey don't worry I am here for you, i will not left you alone in these peak scenario"

When AEM require upgrade but worried about other things like downtime backup etc then also AWS as friend come and support greatly with its cloud capability. It streamlines upgrades and deployments of AEM.

Now it become easy task with AWS. Parallel environment is cake walk now, so migration and testing is much easier without thinking of the infrastructure difficulties.

Performance testing from the QA is much easier without disturbing production. It can be done in AEM production-like environment. Performing the actual production upgrade itself can then be as simple as the change of a domain name system (DNS) entry.

Sky is no limit for AEM with AWS features and Capabilities :

As a market leader AEM is used by customers as the foundation of their digital marketing platform. AWS and AEM can provide a lot of third part integration opportunity such as blogs, and providing additional tools for supporting mobile delivery, analytics, and big data management.

A new feature can be generated with AWS & AEM combination.Many services like Amazon Simple Notification Service (Amazon SNS), Amazon Simple Queue Service (Amazon SQS), and AWS Lambda, AEM functionality easily integrated with third-party APIs in a decoupled manner. AWS can provide a clean, manageable, and auditable approach to decoupled integration with back-end systems such as CRM and e-commerce systems.

24*7 Global Availability of AEM with Buddy AWS

A more Agile and Innovative requirement can fulfill by cloud transition. How innovation and how much Agile, in previous on-premise environment for any innovation need new infrastructure and more capital expenditure (Capex). Here again the golden combination of AWS and AEM will make things easier and agile. The AWS Cloud model gives you the agility to quickly spin up new instances on AWS, and the ability to try out new services without investing in large and upfront costs. One of the feature of AWS pay-for-what-you-use pricing model is become savior in these activities.

AWS Global Infrastructure available across 24 geographic regions around the globe, so enabling customers to deploy on a global footprint quickly and easily.

Major Security concerns handled with High-Compliance

Security is the major concern about any AEM website. AWS gifts these control and confidence for secure environment. AWS ensure that you will gain the control and confidence with safety and flexibility in secure cloud computing environment . AWS, provides way to improve ability to meet core security and compliance requirements with a comprehensive set of services and features. Compliance certifications and attestations are assessed by a third-party, independent auditor.

Running AEM on AWS provides customers with the benefits of leveraging the compliance and security capabilities of AWS, along with the ability to monitor and audit access to AEM using AWS Security, Identity and Compliance services.

In the previous parts (1,....8,9 , 10 &11) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more on AEM eCommerce and Adobe Creative cloud .In the last part we have discussed how we can use AEM as AEM cloud open source with effortless solution to take advantage of AWS, that one is first part of the story. We will continue in this part more interesting portion in this part.

As promised in the in part 8, We started journey of AEM OpenCloud , in the earlier part we have explored few interesting facts about it .In this part as well will continue see more on AEM OpenCloud, a variant of AEM cloud it provide as open source platform for running AEM on AWS.

I hope now you ready to go with this continues journey to move AEM OpenCloud with open source benefits all in one bundled solutions.

So let set go.....................

After AEM OpenCloud Full-Set Architecture & Consolidated Architecture and environment management in previous parts we have seen, how it arrange and work to deliver full functionality.

Now we will see more on security of these environments and more from this.

Security:-

The security of the AEM hosting environment can be broken down into two areas: 1st)Application security and

2nd)Infrastructure security.

A crucial first step for application security is to follow the Security Checklist for AEM and the Dispatcher Security Checklist.

The checklist is meant to be applied from top to bottom.

Security Checklist for AEM

Main Security Measures.

-Run AEM in Production Ready Mode

-Enable HTTPS for transport layer security

-Install Security Hotfixes

-Change Default Passwords For the AEM and OSGi Console Admin Accounts

-Implement Custom Error Handler

-Complete Dispatcher Security Checklist

Verification Steps

-Configure replication and transport users

-Check the Operations Dashboard Security Health Checks

-Check if Example Content is Present

-Check if the CRX development bundles are present

-Check if the Sling development bundle is present

-Protect against Cross-Site Request Forgery

-Some OSGI Settings

These checklists cover various parts of security considerations, from running AEM in production mode to using mod_rewrite and mod_security modules from Apache to prevent Distributed Denial of Service (DDoS) attacks and cross site scripting (XSS) attacks.

Dispatcher Security Checklist:-

-Use the Latest Version of Dispatcher

-Restrict Clients that Can Flush Your Cache

-Enable HTTPS for transport layer security

-Restrict Access

-Make Sure Access to Administrative URLs is Denied

-Use Allowlists Instead Of Blocklists

-Run Dispatcher with a Dedicated System User

-Prevent Denial of Service (DoS) Attacks

-Configure Dispatcher to prevent CSRF Attacks

-Prevent Clickjacking

-Perform a Penetration Test

From an infrastructure level, AWS provides several security services to secure your environment. These services are grouped into five main categories – network security;data protection; access control; detection, audit, monitoring, and logging; and incident response.

In this interesting journey we are continuously walking through AEM OpenCloud an open source variant of AEM and AWS. Few partner provide quick start for it in few clicks.So any this variation very quicker and effortless variation which gives deliver holistic, personalized experiences at scale, tailoring each moment of your digital marketing journey.

For more details on this interesting Journey you can browse back earlier parts from 1-11.

In the previous parts (1,2,3,4,5,6,7,8,9 & 10) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more on AEM eCommerce and Adobe Creative cloud .In the last part we have discussed how we can use AEM as AEM cloud open source with effortless solution to take advantage of AWS, that one is first part of the story. We will continue in this part more interesting portion in this part.

As promised in the in part 8, We started journey of AEM OpenCloud , in the earlier part we have explored few interesting facts about it .In this part as well will continue see more on AEM OpenCloud, a variant of AEM cloud it provide as open source platform for running AEM on AWS.

I hope now you ready to go with this continues journey to move AEM OpenCloud with open source benefits all in one bundled solutions.

So let set go.....................

After AEM OpenCloud Full-Set Architecture in earlier part -10 we have seen how it arrange and work to deliver full functionality.

Now another variation we will see how it fit into your AEM solution for digital marketing .

Consolidated Architecture:-

A consolidated architecture is a cut-down environment where an AEM Author Primary, an AEM Publish, and an AEM Dispatcher are all running on a single Amazon EC2 instance.

This architecture is low-cost alternative suitable for development and testing environments. This architecture also offers those three types of backup, just like full-set architecture, where the backup AEM package and EBS snapshots are interchangeable between consolidated and full-set environments.

This option is useful, to restore production backup from a full-set environment to multiple development environments running consolidated architecture.

Another use case is to upgrade an AEM repository to a newer version in a development environment, which is then pushed through to testing, staging, and eventually production.

Now both require environment management full-set and consolidated architectures.

Environment Management :-

To manage multiple environments with a mixture of full-set and consolidated architectures, AEM OpenCloud has a Stack Manager that handles the command executions within AEM instances via AWS Systems Manager(described as below in picture) .

These commands include taking backups, checking environment readiness, running the AEM security checklist,enabling and disabling CRXDE and SAML, deploying multiple AEM packages configured in a descriptor, flushing AEM Dispatcher cache, and promoting the AEM Author Standby instance to Primary.

Other than the Stack Manager, there is also AEM OpenCloud Manager which currently provides Jenkins pipelines for creating and terminating AEM full-set and consolidated architectures, baking AEM Amazon Machine Images(AMIs), executing operational tasks via Stack Manager, and upgrading an AEM repository between versions, (i.e. from AEM 6.2 to 6.4, or from AEM 6.4 to 6.5)

AEM OpenCloud Stack Manager

In this interesting journey we are continuously walking through AEM OpenCloud an open source variant of AEM and AWS. Few partner provide quick start for it in few clicks.So any this variation very quicker and effortless variation which gives deliver holistic, personalized experiences at scale, tailoring each moment of your digital marketing journey.

For more details on this interesting Journey you can browse back earlier parts from 1-10.

In the previous parts (1,2,3,4,5,6,7,8 & 9) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more on AEM eCommerce and Adobe Creative cloud .In the last part we have discussed how we can use AEM as AEM cloud open source with effortless solution to take advantage of AWS, that one is first part of the story. We will continue in this part more interesting portion in this part.

As promised in the in part 8, We started journey of AEM OpenCloud , in the earlier part we have explored few interesting facts about it .In this part as well will continue see more on AEM OpenCloud, a variant of AEM cloud it provide as open source platform for running AEM on AWS.

I hope now you ready to go with this continues journey to move AEM OpenCloud with open source benefits all in one bundled solutions.

So let set go.....................

Continued....

AEM OpenCloud Full-Set Architecture

AEM OpenCloud full-set architecture is a full-featured environment, suitable for PROD and STAGE environments. It includes AEM Publish, Author-Dispatcher, and Publish-Dispatcher EC2 instances within Auto Scaling groups which (combined with an Orchestrator application) provide the capability to manage AEM capacity as the instances scale out and scale in according to the load on the Dispatcher. Orchestrator application manages AEM replication and flush agents as instances are created and terminated. This architecture also includes chaos-testing capability by using Netflix Chaos Monkey, which can be configured to randomly terminate either one of those instances within the ASG , or allow the architecture to live in production, continuously verifying that AEM OpenCloud can automatically recover from failure.

Netflix Chaos Monkey:-

Chaos Monkey is responsible for randomly terminating instances in production to ensure that engineers implement their services to be resilient to instance failures.

AEM Author Primary and Author Standby are managed separately where a failure on Author Primary instance can be mitigated by promoting an Author Standby to become the new Author Primary as soon as possible, while a new environment is being built in parallel and will take over as the new environment, replacing the one which lost its Author Primary.

Full-set architecture uses Amazon CloudFront as the CDN, sitting in front of AEM Publish-Dispatcher load balancer, providing global distribution of AEM cached content.

Full-set offers three types of content backup mechanisms: AEM package backup, live AEM repository EBS snapshots (taken when all AEM instances are up and running), and offline AEM repository EBS snapshots (taken when AEM Author and Publish are stopped). You can use any of these backups for blue-green deployment, providing the capability to replicate a complete environment, or to restore an environment from any point of time.

On the security front, this architecture provides a minimal attack surface with one public entry point to either Amazon CloudFront distribution or an AEM Publish-Dispatcher load balancer, whereas the other entry point is for AEM Author-Dispatcher load balancer.

AEM OpenCloud supports encryption using AWS KMS (Encryption Cryptography Signing - AWS Key Management Service ) keys across its AWS resources.

The full-set architecture also includes an Amazon CloudWatch Monitoring Dashboard (Using Amazon CloudWatch dashboards - Amazon CloudWatch) which visualizes the capacity of AEM Author-Dispatcher, Author Primary, Author Standby, Publish, and Publish-Dispatcher, along with their CPU, memory, and disk consumptions.

Amazon CloudWatch Alarms(Using Amazon CloudWatch alarms - Amazon CloudWatch) are also configured across the most important AWS resources, allowing notification mechanism via an SNS topic(Setting up Amazon SNS notifications - Amazon CloudWatch).

In this interesting journey we are continuously walking through AEM OpenCloud an open source variant of AEM and AWS. Few partner provide quick start for it in few clicks.So any this variation very quicker and effortless variation which gives deliver holistic, personalized experiences at scale, tailoring each moment of your digital marketing journey.

For more details on this interesting Journey you can browse back earlier parts from 1-9.

In the previous parts (1,2,3,4,5,6,7&8) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more on AEM eCommerce and Adobe Creative cloud .In the last part we have discussed how we can migrate AEM to the AEM cloud .

As promised in the last part , here we come with the AEM OpenCloud .In this part as well will see more focus on AEM OpenCloud, a variant of AEM cloud it provide as open source platform for running AEM on AWS.

I hope now you ready to go with this journey to move AEM OpenCloud with open source benefits all in one bundled solutions.

So let set go.....................

Open source platform for running AEM on AWS

What will achieve from it:-

CLOUD READY

HIGHLY CUSTOMISABLE

SECURITY FOCUSED

Opensource :-The whole AEM OpenCloud code base is open source and available on GitHub with Apache 2 license. There is no vendor lock-in, you can fork all repositories any time you want.You are free to use AEM OpenCloud on your own.You are free to use AEM OpenCloud on your own or engage with the Shine Solutions Group for custom use cases and implementation support.

As we have seen AEM OpenCloud is an open-source platform for running AEM on AWS.

It offers an out-of-the-box solution for provisioning AEM architecture with

1)auto-scaling,

2)auto-recovery,

3) CDN,

4)multi-level backup,

5)bluegreen deployment,

6)repository upgrade,

7)security, and

8)monitoring capabilities

by leveraging AWS services.

"Reduce costs and cut delivery time by half"

Technical Overview and Resources:-

Highly configurable & customisable:-

Hundreds of configuration parameters with sane defaults. Multiple build and runtime customisation points.

AWS-optimised modular design:-

AWS is the industry-leading platform supported by AEM OpenCloud, however the open source libraries provide the building blocks to support other cloud platforms.

Security focused:-

Architecture design has a minimal blast radius, and there is regular dependencies vulnerability scanning.

Two architectures:-

A Full-set architecture that suits prod/pre-prod environments, with auto-recovery and auto-scaling, blue/green deployment, and multi-level backup. An AEM Consolidated Architecture to suit dev and test environments, with a lower cost tiny footprint.

AEM OpenCloud supports multiple AEM versions from 6.2 to 6.5, using Amazon Linux 2 or RHEL7 OS, with two architecture options(as hinted above):

1.full-set and 2.consolidated. This platform can also be built and run in multiple AWS Regions. It is highly configurable and provides a number of customization points where users can provision various other software into their AEM environment provisioning automation.

AEM OpenCloud is available through the AEM OpenCloud on AWS Quick Start, an architecture based on AWS best practices you easily launch in a few click.

AEM OpenCloud on AWS Quick Start:-

This Partner Solution deploys an Adobe Experience Manager (AEM) OpenCloud architecture on the Amazon Web Services (AWS) Cloud with high-availability features, which includes Amazon Elastic Compute Cloud (Amazon EC2) Auto Scaling, Elastic Load Balancing, and Amazon CloudFront.

This deployment of AEM OpenCloud uses two instances each for Author-Dispatcher, Publish-Dispatcher, and Publish across multiple Availability Zones. Amazon CloudWatch alarms are configured to monitor the average CPU utilization of the Publish-Dispatcher Auto Scaling group. The Orchestrator application manages AEM replication and flush agents as instances are created and terminated.

In this interesting journey we are walking through AEM OpenCloud an open source variant of AEM and AWS. Few partner provide quick start for it in few clicks.So any this variation very quicker and effortless variation which gives deliver holistic, personalized experiences at scale, tailoring each moment of your digital marketing journey.

For more details on this interesting Journey you can browse back earlier parts from 1-8.

In the previous parts (1,2,3,4,5,6 &7) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more and AEM eCommerce.In the last part we have visited with Adobe Creative cloud part .

In this part as well will see more focus on movement or migration of AEM on-premise to cloud to best fit into this combination.

I hope now you ready to go with this journey to move AEM form On premise to the cloud with its best buddy AWS to enrich a lot of blessing to the digital marketing persons.

So let set go.....................

However this look like very tough and complex task but careful preparation and planning, can drive a smooth migration.

Prerequisite for the migration or pre-preparation:-

a)Archive your data.

b)Allocate sufficient time.

c)Preset the infrastructure.

Planning Before the migration:-

a)Schedule migration.

b)Freeze the content.

c)Test migrations.

High level view of Migration Process

In case there is no CDN in front of load balancing and the switch needs to be directly on domains. Ensure that both environments are running in parallel and switch as few sites as possible one by one.

Choose a less traffic site with minimal impact and perform switch etc operation on it then start testing. If require then fix manually and then fix in the process.

Before migrating the AEM to AWS , we must know about ways. There are 2 way of the migrations:

1. Without Adobe involvement:-Directly go to AWS (Amazon Web services) and Start AEM instances from there.

2. With Adobe involvement:-But better recommended way is first go to AMS (Adobe Managed Services), and then Adobe host your AEM instances either on AWS as per your request. Here Adobe involve into complete process and manage this entire show.

1st way of migration required following decisions :-

1. Select VM’s as size, type etc.

2. Design the VPN.

3. Create the AutoScaling group(ASG).

4. Create S3 bucket for assets.

5. Create the load balancer (LB).

6. Setup Jenkins and repository.

7. Decide the CDN from cloud front or third party.

Deployment with partner or self-owned

Responsibility owned by organization for the deployment and maintenance , it required skill set of AEM, AWS and devOps as well. Or with AWS APN(AWS partner network) it can be done.

Now we will throughway in AMS(AEM Managed Service) area.

It is managed by AEM in this migration journey . Quicker, easier and more accurate in very short time span. It come with best practices and support of Adobe. Cloud Manager is main part of AEM manage service , it gives administrative features to the organization, for self-manage AEM in the cloud. It includes a continuous integration and continuous delivery (CI/CD) pipeline with performance and security.

AWS EC2 family is best suited for Author and Publish instance , as it require CPU, I/O and memory.

EC2 M5 family have some advance compute power and also provide the network and broad storage of workloads and they have good local storage too.

AEM Dispatcher is provides the additional security , caching, load balancing which require I/O, compute power and memory. Here EBS I/O optimized volume of AWS is best fit.

Adobe recommend minimum 4 core CPU with 16GB RAM

Post-Migration tasks

The CDN switch: Only when all issues are fixed, switch on the CDN side for the less traffic site, testing and rectify issue. Each CDN switch might take from 10-30 minutes to be applied, It is alwayse better to switch in phases at least 3-5 phases.

Load Balancer:- As we know why we are using the load balancer i.e to distribute the traffic.

Classic Load Balancer versus ALB

Switching from a Classic Load Balancer to an Application Load Balancer (ALB) is highly advised as it enables a lot of possibilities.

For example, one ALB can hold multiple certificates, so you can support multiple domains. An ALB can also have different target groups based on the hostname, which allows you to use the same load balancer to handle multiple interactions. For example, 80/443 ports are open for web access and some other ports are open for deployments of target groups based on the hostname.

The Application Load Balancer has deletion protection and, in the case of debugging, you can do a request tracking.

Scaling:- In order to overcome CPU/EC2 is failing then we can configure the auto scaling so whenever when there is health issues on the EC2 it will create the new EC2/CPU and redirect the traffic over there.

Content delivery:- This is used for caching layer in AWS we use cloudFront but you can use 3rd party (CDN).

Dynamic Content:- To incorporate dynamic elements in a static page, the recommended approach is to use client-side JavaScript, Edge Side Includes (ESIs), or web server level Server Side Includes (SSIs). Within an AWS environment, ESIs can be configured using a solution such as Varnish, replacing the dispatcher.

S3 :- It is used to store the binary data and back up management related stuff.

Tools to simplify the migration process and management

Apply server: Using the apply server, you can enable your setup to be much more automated. In some cases, you might not have the luxury of using a fully-fledged configuration management system like Puppet or Chef, and there may be a need for something more flexible with regards to releases and deployments. With the apply server, you don't need that flexibility. It is a tiny tool that can be put into place and whose specific actions you can control. This makes use of HTTP/S and no longer requires SSH access.

Shell2http: Shell2http is a tool that allows you to configure specific commands on a specific host. In practice, we use it to allow people to clear the cache on host machines via URL without giving them access to the machine console. This allows us to configure additional terminal commands that can be used on the machine if necessary.

Puppet (configuration management): We utilize Puppet as our main configuration management tool across our projects. Puppet has a repository in Git that is split depending on the project; based on the machine hostname it detects the environment and role.

Git (version control): Git is our main distributed version control system, which we utilize for maintaining application configuration files and application code within it. We utilize Jenkins to build application packages (that are maintained by Puppet on the machines), which also includes application configuration files.

Jenkins (ci/cd): As Puppet maintains only machine configuration files, the packages built by Jenkins have application configuration files included in them as well. The application configuration files are split by environments and roles to ensure we apply the correct configuration to the correct machine.

Nexus (software repository): Developers upload created packages for deployment to Nexus, the package repository manager. Jenkins then takes the package or packages from Nexus and uploads them to a target machine where it triggers their installation.

Terraform: It enables users to define and provision a datacenter infrastructure using a high-level configuration language known as Hashicorp Configuration Language, or optionally JSON.

Here after this migration , Cloud benefits and feature can leverage but it require a lot of effort and phase. It require handle concerns as well. But there is another player in the market which can make our life easier.

So welcome our new champ in this area AEM OpenCloud.

A very brief intro about AEM OpenCloud(we will see in detail in the coming parts)

It include AEM publish dispatcher , author dispatcher, publisher EC2 instance with auto scaling group which will scale out and in according to the traffic on the dispatcher. Also include the testing capability.

AEM openCloud helps to handle the command execution within the AEM. This include the taking backups, disabling and enabling the crx/de , SAML, deploying the multiple AEM package , AEM security checklist etc. Helps in upgrading the repository.

Security of AEM and AWS :-

Infrastructure level Security:-AWS provide the several services for the security to secure the infrastructure.

Application level Security:- AEM security checklist with the dispatcher security checklist. Mainly security aspect right from the AEM in production mode to using mod_rewrite and mod_security modules from Apache to prevent Distributed Denial of Service (DDoS) attacks and cross site scripting (XSS) attacks.

Automated Deployment :-

AWS provides API access to all AWS services, Many of the various commands to deploy code or content, or to create backups, etc. For CI/CD process with the use of Jenkins as a central hub, invoking AEM functionality through CURL or similar commands.

In this journey we walk through AEM & AWS migration and AEM Open Cloud. So any this combination deliver holistic, personalized experiences at scale, tailoring each moment of your digital marketing journey.

In the previous parts (1,2,3,4,5 & 6) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more.In the last part we have visited with AEM eCommerce part .

In this part as well will see more on the another flavor of AEM which is already familiar with cloud side of this combination.

Now ready to go with with Adobe Experience Manager (AEM) Cloud Management aka AEM Cloud.

Adobe Experience Manager (AEM) Cloud Management is SaaS(Software-as-a-Service) that reduced time and costs for provisioning and managing Web Experience Management (WEM) or Web Content Management (WCM) used in digital marketing solutions .

AEM Cloud Management ready to takes advantage of cloud with Amazon Web Services (AWS) Cloud Hosting, to start any AEM digital solutions rapidly and consistently. It save a lot of hardware cost for the initial setup , which required to pay in starting of the solution. This leads quicker to market and global enterprise reach very easy and quickly. So it rapidly engage customers, drive market shares, and focus on innovation.

Adobe is emerging leader in the digital market it evolves a lot of tool to support digital solutions and enrich the user experience. Also it is making footprint to increase the reach with cloud platform . So Adobe emerging its solution available into digital marketing. Here Adobe's own cloud champ is coming into picture "Adobe CC" or "Adobe Creative Cloud".

Adobe Creative Cloud:-

Adobe Creative Cloud(Adobe CC) is collection of very useful tools or software application for different platform i.e.Window ,iOS , Android etc. Basically they support to creative professionals, designers, and marketing professionals to create content.

Many Creative Cloud applications are available individually, or as part of a comprehensive suite.

Adobe Creative Cloud applications are widely used by professionals in digital marketing field for creating , designing and publishing digital marketing solutions for various needs.

Adobe Premiere Pro, is an example of a non-linear video editing tool. Adobe Creative Cloud next powerful applications for print design is InDesign . A well known name is already famous Photoshop , it used by every major magazine publisher and new website.

Adobe Creative Cloud is a tool for enabling both creativity and collaboration. The Creative Cloud provides applications to work on projects including video editing, mobile design and even desktop publishing.

Creative Cloud for teams includes the entire collection of Creative Cloud desktop applications including Adobe Photoshop CC, Adobe Illustrator CC, etc. plus services and business features for teams and small to medium-sized organizations.

Main Advantage of Adobe CC:-

Adobe is mainly focusing on digital media and digital marketing.

Adobe decided to focus more on AWS because of strong API set.

AWS allow to deploy, integrate their automation system in to AWS provide very efficient environment for digital market and eCommerce.

Quicker time to market and ROI.

Flexibility in pricing based on subscription.

Scaling on demand to handle future and peak incoming request.

Good relationship with AWS as vendor .

Reduce Opex(operational expenditure) , so more investment on development & innovation.

Till here we are able to understand this variation Adobe solution which have cloud ready and giving a lot of feature with benefits .

AEM cloud provisioning

AEM cloud is provisioned on public clouds with one Dispatcher, one Publish instance, and one Author instance by default.

Dispatcher: Amazon EC2 instance launched from an Amazon Machine Image (AMI) .

Publish : Amazon EC2 instance launched from an AMI with Elastic Block Store (EBS) storage. Adobe AEM is installed on the persistent EBS storage in the /mnt/crx folder.

Author : Amazon EC2 instance launched from an AMI with EBS storage . Adobe AEM is installed on the persistent EBS storage in the /mnt/crx folder.

Backups: Backups are triggered using the AEM backup feature and then copied automatically to the Amazon Simple Storage Service (Amazon S3) using your Amazon credentials.

Topologies:

Development/Testing: 1 Author instance, 1 Publish instance, and 1 Dispatcher with no load balancer.

Staging/Production: 1 Author instance, 1 Publish instance, 1 Dispatcher, and a load balancer in front of the Dispatcher.

Creative Cloud Architecture

Infrastructure:

AWS services can use into flowing combination :-

S3, KMS, EC2: ELB, EBS, Snapshoting, Dynamic DB, VPC, SQS, SNS, SES, RDS, ELASTIC CASHE, CLOUD FORMATION, ROUTE 53, Cloudwatch, Cloudtrail, IAM,elastic cache MongoDB, Redshift, kinesis.

In this journey we walk through AEM & AWS for Adobe CC aka Creative cloud to provide solutions to transform your business digitally. So any Adobe CC solution deliver holistic, personalized experiences at scale, tailoring each moment of your digital marketing journey.

In the previous parts (1,2,3,4 & 5) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how they are structured together to give more.

In this part as well will see more on the eCommerce side of this combination.

Before going into this section of house , we want to go with eCommerce and content chemistry.

We got one picture in the house presenting AEM capabilities as content required in eCommerce.

Enhanced shopping experience with Adobe Commerce

Adobe Commerce, companies can integrate digital and physical shopping experiences

Best-in-class cloud-based omnichannel solutions, including in-store, retail associate, and order management technologies.

Adobe Commerce increases the rate you can provision your e-commerce to scale globally. It also offers flexibility for B2C and B2B experiences built on a headless, extensible architecture.

Adobe Commerce’s extensibility platform

Adobe Commerce’s extensibility platform and AWS services—such as Amazon Personalize, Amazon Connect, and Analytics on AWS — deliver omnichannel fulfillment and self-service.

Campaign Management Across Multichannel

Amazon AppFlow with Marketo Engage to securely transfer data between AWS services and cloud applications.

The fully-managed integration enables organization to expand the features of Marketo Engage. Organization select sales Leads and Activities Objects in Marketo and move them into AWS Services e.g.

Amazon S3, Amazon Redshift, or Amazon Lookout for Metrics.

Organization can also sync objects with CRM, Snowflake, and Upsolver and create new Leads objects in Marketo based on this data.

Adobe Experience Platform can generate value with data stored in AWS Analytics solutions. Data can ingest from various sources like Adobe applications, cloud-based storage, databases, etc.

Adobe Workfront :Marketing Process Optimizer

Adobe Workfront and AWS can serve as the blueprints for a marketing project, starting from campaign completion to process optimization.

Adobe Workfront delivers a 285% return on investment (ROI) for enterprise organization.Adobe Workfront and AWS provide an enterprise-grade, cloud-based work management platform that enables marketers to plan, predict, collaborate, evolve, and deliver their best work.

All necessary metadata is retained for real-time cataloging in Adobe Workfront, so campaign teams can streamline processes while maintaining visibility across all stages of the project development process.

Workfront Fusion: Workflows Automation way

Adobe Workfront Fusion is a powerful integration platform that quickly connects organization business-critical applications– with or without those built on AWS Cloud–by automating workflows and processes. This increase focus on core business solution without engaging developers into integrations or provide ongoing maintenance and engineering support.

Adobe Workfront Fusion, data and assets can flow freely across systems and teams in either direction to boost productivity.

Above steps summary:-

Adobe Photoshop:-Content editing process is complete then project status is updated in the Adobe Workfront

Workfront Fusion, Trigger a workflow to route the finished assets to relevant business applications, such as applications built on AWS cloud -Amazon S3, Lambda.

Amazon S3 events: Trigger an AWS Lambda runtime to resize the image.

The workflow then updates the finished content on the web, mobile, or tablet etc.

In this journey we walk through AEM & AWS for Adobe eCommerce to provide solutions to transform your business digitally. So any eCommerce solution deliver holistic, personalized experiences at scale, tailoring each moment of your eCommerce journey.

In the previous parts (1,2,3 & 4) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.Also visited how the are structured together to give more.

In this part as well will see on the more in architectural side.

AEM scale in the cloud

A dynamic architecture with a variable number of AEM images is required to fulfill the operational business needs.

AEM as a Cloud Service is based on the use of an orchestration engine.Dynamically scales each of the service instances as per the actual needs; both scaling up or down as appropriate.

Scaling is a very simple task in AWS with creating separate Amazon Machine Images(AMIs) for publish , publish-dispatcher and author- dispatcher instance.

Use an AMI

Three separate launch configurations can be created using these AMIs and included in separate Auto Scaling groups(Auto Scaling groups - Amazon EC2 Auto Scaling).

AWS Lambda can provide scaling logic for scale up/down events from Auto Scaling groups.

Scaling logic consists of pairing/unpairing the newly launched dispatcher instance to an available publish instance or vice versa, updating the replication agent (reverse replication, if applicable) between the newly launched publish and author, and updating AEM content health check alarms.

One more approach for the quicker startup and synchronization, AEM installation can place on a separate EBS volume. A frequent snapshots of the volume and attachment to the newly-launched instances, Cut-down need of replicate large amounts of author data. Also it ensure the latest content.

CDN:-Content Delivery Network or Content Distribution Network

A CDN is a group of geographically distributed and interconnected servers. They provide cached internet content from a network location closest to a user to speed up its delivery.

AWS is having answer of CDN requirement as well in the form of Amazon CloudFront a Low-Latency Content Delivery Network (CDN)

How it works

It will act as an additional caching layer with AEM dispatcher. Also it require proper content invalidation when it refreshed.

Explicit configuration of duration of particular resources are held in the CloudFront cache, expiration and cache-control headers sent by dispatcher required to control caching into CloudFront .

Cache control headers controlled by using mod_expires Apache Module.

Another approach will be API-based invalidation a custom invalidation workflow and set up an AEM Replication Agent that will use your own ContentBuilder and TransportHandler to invalidate the Amazon CloudFront cache using API.

These all about caching of static content only what is the solution or way to handle Dynamic content will see now.

Content which is Dynamic in Nature

Dispatcher is the key element of caching layer with the AEM. But it will not give full benefit when complete page is not cacheable. Now the question arise how dynamic content can fit into page without breaking the caching feature. There are some standard suggestion available. Like Edge Side Includes (ESIs),client-side JavaScript or Server Side Includes (SSIs) incorporate dynamic elements in a static page.

AWS is also have one solution as Varnish(replacing the dispatcher) to handle ESIs . But its not recommended by Adobe.

Till here we have seen structure of content dynamic static and various ways, but digital solution also have huge number of Assets mainly binary data. These need to configure handle properly to ensure performance of the site.

Again AWS is equipped with great solution called Amazon S3.

AEM Data Store with Amazon S3

Adobe Experience Manager (AEM), binary data can be stored independently from the content nodes. The binary data is stored in a data store, whereas content nodes are stored in a node store.

Both data stores and node stores can be configured using OSGi configuration. Each OSGi configuration is referenced using a persistent identifier (PID).

AEM can be configured to store data in Amazon’s Simple Storage Service (S3), with following PID for configuration

org.apache.jackrabbit.oak.plugins.blob.datastore.S3DataStore.config

To enable the S3 data store functionality, a feature pack containing the S3 Datastore Connector must be downloaded and installed. For more detail please refer Configuring node stores and data stores in AEM 6 | Adobe Experience Manager

This will simplifying management and backups. Also, sharing of binary data store across author and between author & publish instances will be possible and easier task with AWS S3 solution. it will reduce overall storage and data transfer requirements.

In the previous part (1,2 &3) we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. It bring a lot of gifts they bring for the digital marketing persons. Then we started a journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized. Ways how both can live and what smaller modules they used to give architectural benefits.

Now will see more on the lower level how the are arrange and manage benefits in the digital marketing area.

More on architectural sizing we will see how the AEM main area like dispatcher etc are organized into the big picture.

Dispatcher is the key family member who is taking care of Performance like matter with content caching and most important matter of load balancing.Also handling some application security aspect.

AEM dispatcher is the primary based on the Apache HTTP web-server modules and installed on the Amazon EC2 instance.

Amazon Elastic Block Store (Amazon EBS)*** I/O optimized volumes is the first choice for AEM dispatcher as it require optimized I/O operation and require memory and computation capabilities.Mapping of dispatcher instance is oneto-one with publish instance in each availability zone.

Availability zone 1:-

AEM dispa11--->publish11

AEM dispa12--->publish12 ------ so on

Availability zone 2

AEM dispa21--->publish21

AEM dispa22--->publish22 ------ so on

***Amazon Elastic Block Store (Amazon EBS) is an easy-to-use, scalable, high-performance block-storage service designed for Amazon Elastic Compute Cloud (Amazon EC2).

Availability zone 1:-

AEM dispa11--->publish11

AEM dispa12--->publish12 ------ so on

Availability zone 2

AEM dispa21--->publish21

AEM dispa22--->publish22 ------ so on

AEM installation on EBS volumes , two options are available either General Purpose SSD (GP2) volumes or provisioned Input/Output operations Per Second (IOPS) volumes. It provided a specific level of performance and lower latency.

AEM H/W sizing requirement

1)Intel Xeon or AMD Opteron CPU with at least 4 cores

2) 16GB RAM

According to the above hardware sizing, it can best fit into Amazon's EC2 M5.XL instance type. Start with EC2 M5.2XL and as per future workload it can be increased or decreased.

H/W Sizing Recommendations depends on the bellow factors

Network speed

Network latency

Available bandwidth

Computational speed

Caching efficiency

Expected traffic

Complexity of templates, applications and components

Concurrent authors

Complexity of the authoring operation

I/O performance

Performance and efficiency of the file or database storage

Hard Drive

at least two or three times larger than the repository size

Memory

Size of website

Number of concurrent users/sessions

###For more detail got to Hardware Sizing Guidelines | Adobe Experience Manager

Requirement of AEM servers depends uses experience management or DAM digital asset management.

A Minimal setup require five servers for high availability configuration in two Availability Zones and each zone have one pair of dispatcher-publisher and a single author node in any one zone.

2 availability zone--> 2*one pair of dispatcher-publisher--> total 4 server-->plus one for author in any zone--> now in total 5 server required for this minimal setup.

Load Balancing beyond dispatcher

Dispatcher is an internal AEM load balance but from the proper traffic management to handle peak hour traffic external load balancer is required AWS provide various load balance here ELB (Amazon Elastic Load Balancer - AWS) is best fit to control traffic to the dispatcher.

ELB load balancer distributes incoming requests evenly across AZs(availability zones). Also incoming requests can be evenly distributed to all servers regardless of AZs , enable cross-zone load balancing.

Load Balancer for sticky sessions: Authentication is the way to recognize the user with login mechanism,authentication is maintained by a login token.Token information stored under tokens node of the corresponding user node in repository(session id ). In the browser it stored as cookie i.e. login-token.

Here LB(load balancer need to configure for the sticky sessions , so user who authenticated on the server routed accordingly on appropriate server.

sticky sessions-->routing requests --with the--> login-token cookie -->same instance of authentication.

AEM can be configured to recognize the authentication cookie across all publish instances. However, it also requires that all relevant user session information (for example, a shopping cart) is available across all publish instances.

ELB --> in front of the dispatchers to provide a Single CNAME URL for the application.

LB with AWS Certificate Manager, for HTTPS access and to offload.

For security LB is also contributing by moving the publisher instances into a private subnet, which can access only via LB.

LB can translate port as well like default port of web is 80, so all request come to port 80 but AEM publish port is 4503 . LB can translate internally 80 into 4503.

Ensuring High Availability with this superb pair of AWS - AEM

HA (High Availability) is the process to eliminate single points of failure ,ensure continuous operation of digital marketing. The primary goal of HA is to ensure system uptime even in the event of a failure. Some time its referred as Five-nines(99.999%) availability.

Here is we are taking about the HA and five-nines or eliminating single points of failure then it will increase h/w redundancy to create backup systems.

Again the great buddy AWS of AEM from this pair will come as savior and make all the arrangement silently without more noise.

AWS provide strengths to the structure with its recovery feature. Configure each instance in the AEM cluster for Amazon EC2 Auto Recovery(Recover your instance - Amazon Elastic Compute Cloud).

Availability leads recovery as well as handling load or switching in case of failure to correct node.For this the cluster is built in conjunction with a load balancer i.e. AWS Auto Scaling to automatically provision nodes across multiple Availability Zones.

Provisioning of nodes across multiple Availability Zones for high availability is recommended, and multiple AWS Regions is answer to global deployment. AWS provides Amazon Route 53 to perform DNS fail-over for multi-Region deployment, based on health checks.

In the first & second part we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. Also what gift they bring for the digital marketing persons. Also journey into digital market leader house basement and structure, mainly repository CRX and the way its MK organized.

Now in this we will see how AEM paired with AWS at give a lot of gifts to the digital marketing persons.

AEM deliver great on AWS

There is two ways to pair AEM with AWS

Self/infrastructure Partner managed

AEM managed Service

Self/infrastructure Partner managed :-

As it suggests here two possibility of pairing, first one is Self managed means all the responsibility of deployment, maintenance of infrastructure is owned by organization itself.

its not about only AEM , maintenance patching upgrade etc but AWS also all the maintenance and upgrade etc of AWS also owned by organization.

This model is having a lot of extra effort for the organization owning this.So organizations who don't want to take extra responsibility (or resource who know these maintenance knowledge) and don't want to manage their own deployment of AEM on AWS.

Then they will go for the second suggested way with APN AWS Partner Network. There are several APN as partner to take all the extra responsibility maintenance and upgrade of AWS with advantage customization is optionally available with organization. If organization want some custom or specific enhancement into AEM infrastructure then they can own otherwise partner happily take this responsibility as well.

APNs are specialize in such pairing by providing managed hosting deployments of AEM on AWS.

APNs take care for

1) Deploying

2)Securing

3)maintaining

of AEM . Some APN provide design services and custom development for AEM.

AWS Partner Finder is a tool available to find and compare.

AEM Manged Services By ADOBE :-

After above now we will see how the second option can pair AEM and AWS. Now the father of AEM come into picture for this pairing and taking all the responsibility how he can pair AEM with AWS to provide plenty of gifts to digital marketing persons. Adobe enables customers to launch faster on AWS cloud and giving best practices and support. Now focus on innovation with reduced burden of infrastructure . Cloud Manager, from AEM Managed Services having a self-service portal that enables organizations to self-manage AEM Manager in the cloud.

Cloud Manager having some great features like continuous integration and continuous delivery (CI/CD) pipeline with performance or security. Cloud Manager is exclusive for for Adobe Managed Service customers only.

Now we can see the holistic picture of this pairing how it look like with various gifts.

** this is very generic architecture taken from the web , it can be customized according to need.

Now some H/W part of the above aka Architecture Sizing

CPU, and I/O performance is key consideration for any AEM model but it depends on usage.Amazon EC2 General Purpose M5 family of instances are good candidates for these environments.

Amazon EC2 M5 are the next generation EC2 General Purpose compute instances. M5 instances offer a balance of compute, memory, and networking resources for a broad range of workloads. M5d, M5dn & M5ad instances have local storage, offering up to 3.6TB of NVMe-based SSDs.

In the fist part we discussed how one day digital market leader meet with the a friend AWS in the Cloud and become very popular pair. Also what gift they bring for the digital marketing persons.

Now AEM asked to come to my home.

So AEM insides about its parts and structure explored.

AEM Platform :

AUTHOR:-

The content and layout of an AEM experience are created and managed in the author environment. It offers features for authoring content modifications, reviewing them, and publishing the approved versions of the content to the publish environment.

PUBLISH:-

The audience receives the experience from publishing environment. With the option to customize the experience based on demographics or targeted messaging, it renders the actual pages.

Both AUTHOR and PUBLISH instances are Java web applications that have identical installed software. They are differentiated by configuration only.

DISPATCHER:-

Dispatcher environment is the responsible for caching (storing) content and Load balancing.Helps realize a fast & dynamic web authoring environment.

Mainly dispatcher works as part of HTTP server like Apache HTTP. It store as much as possible static content according to specified rules.

So end user feel faster accessing of content and reducing load of PUBLISH. The dispatcher places the cached documents in the document root of the web server.

How AEM Store Content in Repository:-

AEM is storing data without any discrimination as it treated all the family member (data) are content only . Its following philosophy of "everything is content" and stored in the same house(Repository).

Its called CRX i.e. implementation of JCR coming from parent Content Repository API for Java and Apache Jackrabbit Oak.

The basement(base) of the building is driven by MK MicroKernels as in the picture its Tar or MongoDB. The Oak storage layer provides an abstraction layer for the actual storage of the content. MK act as driver or persistence layer here. two way of storing content , TAR MK and MongoDB MK.

TAR--> tar files-->segments

The Tar storage uses tar files. It stores the content as various types of records within larger segments. Journals are used to track the latest state of the repository.

MongoDB-->MongoDB database-->node

MongoDB storage leverages its sharding and clustering feature. The repository tree is stored in one MongoDB database where each node is a separate document.

Tar MicroKernel (TarMK)--for-->Performance

MongoDB--for-->scalability

For Publish instances, its always recommended to go with TarMK.

In more than one Publish instance each running on its own Tar MK then this combination is called TarMK Farm. This is the default deployment for publish environments.

Author instance is having freedom to go with either TAR or MongoDB. it depends on the requirement, if its performance oriented and limited number then it can go with the TarMK but if it require more scalable instances then it would go with the MongoDB. TarMK for a single author instance or MongoDB when horizontal scaling.

Now story of TarMK with Author, a cold standby TarMK instance can be configured in another availability zone to provide backup as fail-over.

TarMK is the default persistence system in AEM for both instances, but it can go with different persistent manger (MongoDB).

Gift of TarMK:-performance-optimized,for typical JCR use cases and is very fast, uses an industry-standard data format, can quickly and easily backed up, high performance and reliable data storage, minimal operational overhead and lower total cost of ownership (TCO).

Now story of MongoDB it basically come into picture when more hands required, means more user/author (more than

1,000 users/day, 100 concurrent users)and high volumes of page edits required. To accommodate these horizontal scalability required and solution is with MongoDB. It leverage MongoDB features like high availability, redundancy and automated fail-overs.

MongoDB MK can give lower performance in some scenario as its establish external connection with MongoDB.

A minimum deployment with MongoDB typically involves a

MongoDB replica consisting of

1)one primary node

2)two secondary nodes,

with each node running in its separate availability zone.

AEM--store--binary data--into ---data store.

AEM--store--content data--into ---node store.

And both stored independently.

Amazon Simple Storage Service (Amazon S3) is best high performant option for shared datastore between publish and author instances to store binary files(Assets like image etc).