Tag Archives: Liferay

Liferay, Performance Tuning

Performance Tuning in Liferay – Part 4

Leave a comment

In addition to 3-part series on performance tuning given here below are additional points to explore for performance tuning in Liferay.

  • Java 17/21
  • Network and subnet between Application server, Web server, Elastic search, Database
  • Difference between JMeter and JVM/Glowroot load times for pages
  • Lighthouse reports
  • Elastic search response times and tuning
  • Fragment caching
  • Logging levels for various components
  • Cache busting / documents & media caching parameters
  • Integrations especially web analytics
  • DNS/IP resolution time
  • Hardware especially hyper threading and such on VM/Cloud/Private cloud
  • TCP & Web.xml / ElasticSearch.yml / JVM.Options.d
  • Filestore type
  • vCPU to thread to physical CPU / core mapping
  • RAM / harddisk / NFS type for filestore
  • Traffic shaping in the deployment done or not
  • Finding out the true capacity of app server by loading the app server from the same subnet
  • Disabling / enabling relevant servlet filters
  • Replication, backup, syncs, anti-virus, IPS/Firewall latency analysis
  • Analysis of vertical vs. horizontal scaling by experimentation / performance testing
Liferay, Search

How to tame the SEO beast with Liferay? Part 1.

Leave a comment

Here are some keywords and concepts to explore:

1. Performance tuning – https://www.linkedin.com/pulse/performance-tuning-liferay-part-3-neil-harwani-nsoof/

2. Performance options for pages & search in built in Liferay – -> https://learn.liferay.com/w/dxp/using-search/search-pages-and-widgets/search-insights

–> https://learn.liferay.com/w/dxp/content-authoring-and-management/page-performance-and-accessibility/analyze-seo-and-accessibility-on-pages

–> https://learn.liferay.com/w/dxp/content-authoring-and-management/page-performance-and-accessibility/about-the-page-audit-tool

3. SEO features in Liferay

–> https://learn.liferay.com/w/dxp/site-building/optimizing-sites

–> https://learn.liferay.com/w/dxp/site-building/displaying-content/using-display-page-templates/configuring-seo-and-open-graph

4. Set up your own monitoring (simple JMeter is a good start) and focus on page load times in conjunction with other things rather than only scores. Use various tools – an example: –> https://bloggerspassion.com/website-performance-speed-test-tools/

–> https://developer.chrome.com/docs/lighthouse/overview/

5. Liferay headless – https://www.liferay.com/solutions/headless-apis

6. Lazy loading, innovative solutions like lighter pages with type ahead and so on

7. Understand various tools for website performance, formula for page speed insights & SEO but focus on your metrics like page load speed, image quality. Don’t blindly pick a tool and follow it. However, suggestions / recommendations / insights of various tools should be explored and worked upon as needed

8. Note: Mobile score is throttled down by page speed insights to slow 3G or so

Other hints:

1. Robots.txt

2. Core web vitals

3. Sitemap

4. https

5. Broken links, friendly URLs, mobile friendliness

6. Content quality

7. Tags

8. Images

9. Caching

Liferay with right configuration, customization & tuning is capable of some magical things 🙂

Liferay

Pointers to work with product support at Liferay – Part 1

Leave a comment

Below pointers may help when working with Liferay support to cut response times:

1. How is the vanilla product behaving for your problem area?

2. What are the relevant database tables, source code and configurations saying? Discuss about this early on the ticket

3. Attach any video of the problem that you might have?

4. Have you checked whether it’s truly a Liferay issue or an issue with the environment and ecosystem around it like web server, CDN, WAF and so on. These details should also go on the ticket.

5. Are your logs verbose enough? If not, did you enable detailed logging via control panel.

6. Have you scanned logs of Liferay, Elastic Search, Database, Web server, etc. What errors are being thrown?

7. Did you check thread & heap dump, CPU, Memory, etc.? It will help in certain related situations.

8. Do you have Glowroot enabled? What is it saying about errors, slow traces, JVM, etc.?

9. Are all systems online like File Store, Elastic Search, Database, Web Server, WAF, CDN, etc.

10. Ultimately problems will be either in the product as a feature / bug, database, configurations or the ecosystem or similar logical areas. Isolating these early definitely helps.

11. Have you checked Liferay Learn, Liferay Blogs, Liferay Forums and Liferay Help Center plus Customer portal for similar problems / articles?

12. Are you at the latest minor patch version for your major release?

13. Are your customizations confirming to Liferay & Java official processes?

14. Are you compliant to Liferay support matrix?

Having a wholistic debugging view like above can help support cut through lot of unnecessary iterations.

Liferay

What is OSGI? – As per Gemini & ChatGPT.

Leave a comment

OSGi (Open Service Gateway Initiative) is a fundamental technology used in Liferay DXP (Digital Experience Platform). It provides a modular framework that allows Liferay to be built from reusable components called bundles. These bundles can be dynamically installed, started, stopped, updated, and uninstalled without restarting the entire platform.

Here’s how OSGi is used in Liferay:

  1. Modularity: OSGi enables Liferay’s modular architecture, where each functionality is encapsulated within a bundle. This modularity makes Liferay more flexible, scalable, and easier to maintain.
  2. Service Registry: Bundles can provide and consume services through OSGi’s service registry. This allows for loose coupling between bundles, making it easier to add, remove, or update components without affecting the entire system.
  3. Dynamic Management: OSGi allows for dynamic management of bundles. This means that bundles can be installed, started, stopped, updated, or uninstalled while Liferay is running, minimizing downtime and enabling hot deployment of new features or bug fixes.
  4. Versioning: OSGi supports versioning of bundles and packages, ensuring compatibility between different components and allowing for seamless updates without breaking existing functionality.
  5. Dependency Management: OSGi automatically manages dependencies between bundles, making it easier to resolve conflicts and ensuring that all required components are available.

Benefits of using OSGi in Liferay:

  • Improved Flexibility: The modular structure allows for easy customization and extension of Liferay’s functionality.
  • Increased Scalability: Bundles can be added or removed as needed, making it easier to scale the platform to meet changing requirements.
  • Simplified Maintenance: Modularization makes it easier to identify and fix bugs or issues, as well as to update specific components without affecting the entire system.
  • Enhanced Stability: The loose coupling between bundles makes Liferay more resilient to failures, as a single bundle’s failure is less likely to bring down the entire system.
  • Faster Development: The modular architecture enables parallel development of different components, speeding up the overall development process.

Liferay leverages OSGi to its fullest potential, providing a robust and flexible platform for building digital experiences. Whether you’re developing custom modules or extending existing functionality, OSGi makes it easier to manage and maintain your Liferay implementation.

Let me know if you have any other questions.

OSGi (Open Services Gateway initiative) is a Java framework for developing and deploying modular software programs and libraries. Liferay, a popular enterprise portal platform, leverages OSGi to provide a highly modular, flexible, and dynamic development environment. Here’s a breakdown of how OSGi is used in Liferay:

### 1. Modularity

OSGi allows Liferay to break down its large codebase into smaller, reusable modules. Each module (or bundle) can be independently developed, tested, and deployed. This modularity helps in managing the complexity of large applications and promotes code reuse.

### 2. Dynamic Updates

With OSGi, Liferay can update, add, or remove modules without requiring a full restart of the application server. This dynamic behavior minimizes downtime and enhances the agility of the development and deployment processes.

### 3. Service Layer

OSGi defines a service registry where modules can publish and consume services. In Liferay, this enables a decoupled architecture where different modules can interact through well-defined service contracts, improving maintainability and scalability.

### 4. Versioning

OSGi provides a robust versioning system that allows multiple versions of the same module to coexist. This capability is particularly useful in Liferay for managing dependencies and ensuring backward compatibility.

### 5. Dependency Management

OSGi handles dependencies between modules automatically. Liferay uses this feature to ensure that all required modules are available and correctly configured, reducing runtime errors and simplifying the deployment process.

### 6. Isolation

OSGi offers a high degree of isolation between modules, which helps in avoiding classpath issues and conflicts. In Liferay, this isolation ensures that changes in one module do not inadvertently affect others, enhancing the stability of the system.

### Implementation in Liferay

In Liferay, the OSGi framework is integrated as the core runtime environment. Here’s how Liferay implements OSGi:

Liferay Modules: Liferay plugins, such as portlets, hooks, and themes, are developed as OSGi modules. These modules follow the OSGi lifecycle and can be managed through the Liferay Control Panel.

Service Builder: Liferay’s Service Builder tool generates OSGi-compliant services, making it easier to develop and deploy service-based applications.

Module Framework: Liferay provides a Module Framework that extends OSGi capabilities, offering additional features like module dependency management, lifecycle management, and configuration management.

### Benefits of Using OSGi in Liferay

Improved Modularity: Simplifies development and maintenance by promoting a modular architecture.

Enhanced Flexibility: Allows dynamic updates and reconfigurations without downtime.

Better Resource Management: Efficiently handles dependencies and resource allocation.

Scalability: Facilitates scalable application design through decoupled modules.

Maintainability: Eases the process of updating and maintaining the application by isolating changes to specific modules.

In summary, OSGi plays a crucial role in making Liferay a more modular, dynamic, and robust platform for developing enterprise-grade applications.

Liferay

How to debug Liferay? – Some pointers – Part 2

Leave a comment

Practical tips to debug Liferay – further to my two earlier posts:

How to debug Liferay when nothing is printed in logs and there is a problem? – ChatGPT & BARD Generated | LinkedIn

How to debug Liferay? – Some pointers – Part 1 | LinkedIn

  • Setup automated heap dumps when out of memory happens.
  • Setup automated thread dumps when Liferay slows down.
  • Set up Glowroot persistence.
  • Set up Glowroot in central pattern in production especially.
  • Use ycrash.io to analyze thread and heap dumps if possible or an offline tool as per your policy.
  • Cannot emphasize enough on the above five.
  • Check Liferay logs.
  • Check DB connection pool settings via Hikari pool or others as set and it’s exhaustion.
  • Check configuration files: setenv.sh/bat server.xml, osgi/configs, other app server configurations, etc.
  • Check logs of Elasticsearch, Database, Webserver, Load balancer, Web application firewall, Content Delivery Network and more.
  • Use CAT API of Elasticsearch to check status of Elasticsearch.
  • Check if any schedulers or integrations are putting load on the system.
  • Check if things like caching, content delivery, security, etc. are as much as possible offloaded from app server.
  • Check network delays & errors across all component deployments and debug layer by layer for: LR, app nodes, WS, ES, DB, WAF, CDN and so on.
  • Automate via scripting monitoring of CPU, threads and Heap especially on all servers in deployment.
  • Analyze trends for traffic.
  • Email me: Neil@HarwaniSytems.in
  • Website: www.HarwaniSystems.in
  • Blog: www.TechAndTrain.com/blog
  • LinkedIn: Neil Harwani | LinkedIn
Cyber Security

Cyber security tips for Portals – Generated by ChatGPT & GEMINI – Part 1

Leave a comment

Cyber security is a critical concern for portal applications, which often serve as gateways to a wide range of resources and services. Here are some vital tips to enhance the cyber security posture of portal applications:

1. Use Strong Authentication Mechanisms: Implement multi-factor authentication (MFA) to add an extra layer of security beyond just usernames and passwords. Consider integrating biometric authentication, security tokens, or one-time password (OTP) systems.

2. Encrypt Data In Transit and At Rest: Use strong encryption protocols like TLS (Transport Layer Security) for data in transit. For data at rest, ensure that databases and file storage are encrypted using robust encryption standards.

3. Regularly Update and Patch Systems: Keep all software components, including the web server, database, and any third-party libraries, up to date with the latest security patches. Regular updates protect against vulnerabilities that attackers could exploit.

4. Implement Access Control and Authorization: Use role-based access control (RBAC) to ensure that users can only access information and functionalities relevant to their roles. Principle of least privilege should be strictly followed.

5. Secure APIs: If your portal interacts with other services through APIs, ensure those APIs are secured against common threats as defined by the OWASP API Security Top 10. Implement API rate limiting, access control, and ensure sensitive data is not exposed unnecessarily.

6. Conduct Regular Security Audits and Penetration Testing: Regularly assess the security of your portal application through audits and penetration testing. This helps identify and mitigate vulnerabilities before they can be exploited.

7. Protect Against Web Application Attacks: Use web application firewalls (WAF) and secure coding practices to protect against common web application attacks such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).

8. Monitor and Log Activity: Implement comprehensive logging and monitoring solutions to detect suspicious activities early. Regularly review logs for anomalies and signs of breaches.

9. Secure Session Management: Ensure secure session management practices are in place, including secure cookie handling and session timeout policies to prevent session hijacking and fixation attacks.

10. Educate Users: Conduct regular cybersecurity awareness training for all users of the portal. Educating users about phishing, safe browsing practices, and the importance of strong passwords can significantly reduce security risks.

11. Backup Data Regularly: Regular backups are essential for recovery in case of a cyber attack leading to data loss. Ensure backups are secure and tested regularly for integrity.

12. Compliance and Privacy: Ensure compliance with relevant legal and regulatory requirements, such as GDPR, HIPAA, or CCPA, which may dictate specific security and privacy measures.

Implementing these security measures can significantly reduce the risk of cyber attacks and data breaches in portal applications. Continuous attention to security, regular updates, and educating users are key components of a robust cyber security strategy.

Here’s a breakdown of cybersecurity tips specifically tailored for portal applications:

1. Authentication and Authorization

  • Strong Passwords: Enforce complex password policies (length, special characters, periodic changes). Consider password managers to help users.
  • Multi-Factor Authentication (MFA): Add an extra security layer with MFA (e.g., SMS codes, authenticator apps, hardware keys).
  • Role-Based Access Control (RBAC): Define granular access permissions based on user roles and responsibilities to limit the impact of any compromised account.
  • Session Management: Implement idle session timeouts and proper logout mechanisms to prevent unauthorized access.

2. Secure Coding Practices

  • Input Validation: Sanitize all user input to prevent injection attacks like SQL injection and cross-site scripting (XSS).
  • Output Encoding: Encode output to mitigate XSS vulnerabilities.
  • Secure Development Lifecycle (SDLC): Integrate security from the design phase, through development and testing. Include regular vulnerability scanning.
  • Use Established Frameworks: Choose well-maintained frameworks that prioritize security.

3. Encryption

  • HTTPS Everywhere: Use TLS (HTTPS) to encrypt all portal traffic in transit, protecting sensitive data.
  • Data at Rest Encryption: Encrypt sensitive data stored within databases or file systems.
  • Password Hashing: Store passwords using strong, salted hashes (like bcrypt, scrypt), never in plain text.

4. Network Security

  • Firewalls: Implement network and web application firewalls (WAF) to filter out malicious traffic.
  • Intrusion Detection/Prevention (IDS/IPS): Monitor network activity for anomalies and block potential attacks.
  • Segmentation: Separate sensitive areas of your network to minimize the attack surface.

5. Vulnerability Management

  • Regular Patching: Keep operating systems, web servers, frameworks, and third-party libraries up-to-date with security patches.
  • Penetration Testing: Conduct regular penetration testing to discover and address vulnerabilities proactively.

6. Logging and Monitoring

  • Extensive Logging: Implement comprehensive logging of authentication attempts, user activity, configuration changes, and security events.
  • Centralized Log Management: Use a SIEM (Security Information and Event Management) system to collect and analyze logs for anomalies.
  • Auditing: Regularly audit logs to identify potential security breaches.

7. Incident Response

  • Have a Plan: Develop an incident response plan for handling suspected breaches quickly and effectively.
  • Clear Communication: Establish clear communication channels internally and for reporting incidents to users or authorities if necessary.

8. User Education

  • Security Awareness Training: Educate portal users about phishing, social engineering tactics, password hygiene, and how to spot suspicious activity.

Additional Considerations:

  • Zero-Trust Approach: Adopt a zero-trust model where no user or device is inherently trusted. Verify and authenticate continuously.
  • Data Minimization: Collect only the data absolutely necessary for the portal’s functionality.

Remember: Cybersecurity is an ongoing process. Stay up-to-date with emerging threats and continuously evaluate your portal’s security posture.

Let me know if you’d like more details on any of the specific tips or want to discuss specific portal technologies!

Content Management, Liferay

Content Management System feature best practices in Liferay – Part 1

Leave a comment

Here are some best practices for content management system feature usage in Liferay – Part 1.

  • Separate the technical work of portlet creation, hooks, APIs, integration, themes, master templates and so on from content publishing work.
  • Once technical work is done, setup publications feature on your production environment and publish using it. Refer: Publications – Liferay Learn
  • Your workflow for publications should have content creators, reviewers, editors & publishers as bare minimum roles or you can adjust it as per your needs.
  • Preferably, keep Production, Pre-production (Copy of production after scrubbing any PII in terms of CMS / content and technical components both), UAT which is technical replica not CMS content replica, integration and dev environments.
  • Think of the content creation process this way: You don’t write a blog on one site and export from it and then import onto a new site which is your main blog, you write the draft on your own main site and put it through a workflow as required. Same applies to all largest publishers in the world, they don’t ask us to submit our journal papers, articles, conference proceedings, etc. to their UAT or pre-prod, we put content on their production systems and it goes through a workflow with right approvals, reviews and security permissions. Same applies to Wikipedia, we have a TALK/EDIT page for each of their topics right on the production system.
  • Flow of content: CREATE/REVIEW/PUBLISH on production using publications. Then copy content after scrubbing onto pre-prod only for load testing and other needs. UAT, Integration and Dev are technical systems where development happens.
  • Flow of environments for tech team: Copy of content after scrubbing PII (Personally Identifiable Information) onto Pre-Production, Technical components same as production on UAT but not content and then development servers with bleeding edge technical work.
  • Many get confused and mix the content publishing and technical work by exporting / importing content between system environments. We need technical component similarity between all environments not content. Content has to be same across only prod and pre-prod after necessary scrubbing of PII.
  • These practices will help you to smoothen & separate your technical and content management work properly.
  • Refer: Content Creation is Not a Development Activity! – Liferay
  • Email me: Neil@HarwaniSytems.in
  • Website: www.HarwaniSystems.in
  • Blog: www.TechAndTrain.com/blog
  • LinkedIn: Neil Harwani | LinkedIn
Liferay

Liferay best practices – Part 2

Leave a comment

Following up with Part 1 of the series here: Liferay best practices – Part 1 | LinkedIn – Here is part 2 of Liferay best practices:

  • Look out for settings of ORA-1795 error and it’s required settings from Liferay Help Center articles if you are using Oracle
  • If you have heavy usage of web articles, assets, documents and so on, consider switching off view / increment count via portal-ext.properties and user interface of control panel – it will prevent DB locks
  • Consider JVM tuning for meta space, heap, young generation, type of garbage collection and so on regularly based on usage
  • Review caching at fragment level, EHCache, do query analysis and GC analysis regularly
  • Use CDN (Content delivery network) and web server caching for static assets – don’t cache cookies
  • Use a good, standard WAF (Web application firewall) for public websites
  • Review your cluster settings in JAVA_OPTS, tcp.xml and portal-ext.properties – Also, check adding / editing content on one node and checking on another – whether it reflects there or not for cluster health
  • Use a monitoring tool (APM). If you use Glowroot, then install it in Central pattern
  • Review your Elastic Search cluster in terms of heap, embedded JVM and performance tuning regularly
  • Check the stale entries for ElasticSearch in background jobs table
  • Regularly check your blocked / waiting / timed_waiting threads at peak load
  • Take heap dumps to analyze the heap regularly at peak load
  • Review Liferay deployment, compatibility, security and other checklists / matrix
  • Vertically & horizontally scale, performance tune, change heap/GC and so on based on regular analysis of heap/thread dumps and load tests
  • Check errors & warnings in logs regularly
  • Set up filestore in advanced format right from the start
  • If you are migrating from another technology or product, setup a migration checklist
  • Routinely fine tune your tracing in logs from custom code and SERVER ADMINISTRATION section in control panel
  • Fine tune your app server threads
  • Setup error pages and redirects as needed
  • Block rogue IPs via web server or servlet filters
  • Map to security patches and quarterly releases
  • Enable email based password reset and / or TFA / MFA
  • Map SSO / LDAP / SAML based authentication as needed
  • Check your control panel password is complex enough or not?
  • Size your hardware and check your NAS/SAN/iNode limits in load test
  • Check your Hikari pool / DB settings / connection pool timeout / server side timeout and fine tune it
  • Check large web content / large documents and test them in terms of download / views and more
  • Set up a backup / DevOps / DevSecOps strategy
  • Set up automated heap dump and automated thread dumps
  • Change JDK certificate store password from default
  • ElasticSearch, DB should not be in side car pattern
  • Use Expando, dynamic query and service builder for database and not direct JDBC calls
  • Ownership and start / stop of app server, file store folders should be via the app server user not root
  • There are various blogs on Liferay about to debug liferay, how to debug cluster, new features, Glowroot, performance tuning – kindly search and refer them
  • Setup code quality scans via SONAR and similar
  • Maintain a Non-Functional Requirements checklist
  • Keep operational hygiene of DevOps, Automation, Delivery, Management, ITIL, Agile, Scrum, Secrets, Patterns, Architecture, Design, Debugging, Quality, Procedures, Documentation, Training, Knowledge Transfer, Access Control, Data & Process Governance, Monitoring, Reporting, Communication, Project and Product Management, Tools used, Ownership, Accountability, Collaboration, Security and more
  • Analyze your future needs of traffic, usage, infra, load and so on regularly
  • When you do a load test: refer average response time, response time, throughput, transactions per second/minute, cores, memory, heap, CPU, concurrent users, JMeter script, usage of pages, types of transactions and so on for a comprehensive answer instead of just concurrent users
  • Refer official sources like: Liferay Dev forums & blogs, Liferay learn, Liferay YouTube, Liferay GitHub, Liferay Help Center – it has type ahead, Liferay Support ticketing system, Liferay Customer portal, Liferay.com for all your problems first
  • Here are two GPTs that can assist you in your work with Liferay – please report it’s fine tuning / hallucinations to me at email below for me to fine tune them: https://lnkd.in/d2G8mPsA – Liferay Helper which works on open internet https://lnkd.in/dqVzNwCj – Liferay Guide which works on only official sources

Email me: Neil@HarwaniSystems.in

Liferay

Common programming mistakes in Liferay – GPT generated

Leave a comment

Generated using my GPT: https://chat.openai.com/g/g-uOPo2Wffl-liferay-helper-works-on-open-internet

Common programming mistakes in Liferay often stem from overlooking best practices in both Liferay-specific and general Java development. Some of these mistakes include:

1. Ignoring Liferay’s MVC Framework: Developers sometimes bypass Liferay’s built-in MVC framework for portlets, which can lead to more complex code and maintenance issues. Using Liferay’s MVC framework ensures better integration and easier upgrades.

2. Not Utilizing Service Builder Effectively: Service Builder is a key tool in Liferay for creating persistence layers. Neglecting its use or misusing it can result in inefficient database operations and difficulties in leveraging Liferay’s service-layer capabilities.

3. Hardcoding Configuration Values: Hardcoding values like file paths, URLs, or configuration settings in the code makes the portlet less flexible and more difficult to manage across different environments.

4. Overlooking Permissions and Security: Failing to properly implement permission checks can lead to security vulnerabilities. It’s crucial to use Liferay’s permission framework to control access to different parts of your application.

5. Poor Resource Cleanup: Not properly releasing resources such as database connections, streams, or temporary files can lead to memory leaks and performance issues.

6. Mismanagement of Liferay Contexts: Misunderstanding the differences between the global, site, group, and user contexts can lead to incorrect data handling and display.

7. Inefficient Use of Liferay API: Overusing or misusing Liferay’s API, such as making unnecessary calls to services or using them inappropriately, can lead to performance bottlenecks.

8. Not Adhering to Modularization: Ignoring Liferay’s modularization, especially with OSGi, can lead to tangled dependencies and challenges in maintaining and upgrading applications.

9. Ignoring Front-End Performance: Neglecting front-end performance, like overloading pages with unnecessary scripts or heavy resources, can degrade user experience.

10. Lack of Error Handling: Insufficient error handling and logging can make it difficult to troubleshoot and resolve issues in production.

Avoiding these mistakes involves a deep understanding of Liferay’s frameworks and best practices in Java web development. Regular code reviews, adhering to coding standards, and continuous learning about Liferay’s features are key to minimizing these common errors.

For further inquiries or assistance, feel free to reach out at Neil@HarwaniSystems.in, visit my blog at www.TechAndTrain.com/blog, check my website www.HarwaniSystems.in, or connect with me on LinkedIn at https://www.linkedin.com/in/neil27/.

Liferay

Performance Tuning in Liferay – Part 3

Leave a comment

You will find the part 1 & 2 of this series on Performance Tuning in Liferay here:

Performance tuning in Liferay – Part 1 | LinkedIn

Performance tuning in Liferay – Part 2 | LinkedIn

Further to above, find below some tips on Performance Tuning as part 3 of the series.

  • Explore Java 11 instead of Java 8 with Liferay. Java 11 has performance and concurrency improvements. Check your compatibility matrix for compatibility.
  • Explore various types of Garbage collection options – In my experience for certain scenarios G1 is especially helpful: Types of Garbage Collector in Java – Javatpoint
  • Explore fragment caching button and option if you are using fragments
  • Fine tune your Heap Size, analyse your heap dump, queries in Glowroot, MBeans in Glowroot to change EHCache values in Liferay – Make this an ongoing exercise
  • Explore fast load css, fast load javascript, minifier, no pragma and cache.browser.disabled, users.update.last.login configurations
  • Explore configuration in control panel for documents and media for private and public cache
  • Upgrade and map to latest quarterly release, generally they have improvements
  • Explore row lock error, Ora-1795, etc. settings in help center which cause known issues while scaling and workarounds for which are added in Help Center
  • While doing performance tuning, do a warmup with low users to fill up cache of Liferay before actual testing – clear all 4 types of cache in CONTROL PANEL -> SERVER ADMINISTRATION when you make web content or other changes for them to reflect properly before load test
  • Be cognizant of load times on JMeter and browser both – different configurations affect both differently

Email me: Neil@HarwaniSystems.in