Blogs

Here is a list of what you should not be doing in Liferay – Part 1 and also what you should be doing written right next to it in place of the wrong things:

• Write JDBC calls in portlets. Avoid JDBC calls in portlets. Please explore expando, service builder, dynamic queries and such from Liferay.
• Run elasticsearch & database in embedded mode in production. This is to be avoided always. For production and especially clustering, use remote elasticsearch and separate database.
• Use simple filestore for large number of documents. Right from the start prefer using advanced filestore.
• Forget to switch off developer settings in portal-ext.properties and verbose level of tracing in logs. Please switch off developer settings and verbose level tracing in logs.
• No performance testing and tuning of system before go-live. Please perform performance testing and tuning including GC / JVM / Caching / etc. for Liferay. Install Glowroot right from the start if possible in central pattern.
• Not configure security for various parts of the system. Configure SSL, xpack security for search. Explore the security page on Liferay Learn for various configurations. Perform VAPT at the start.
• Not enabling SSO. If SSO will be required in future, please enable it right from the start so that there are no user problems later. Also, it helps to reduce load on Liferay CPU of encryption.
• Not refer official documentation. Please refer liferay.dev – forums, blogs, learn.liferay.com, help.liferay.com, help center articles, Liferay Learn YouTube channel and more from the start.
• Not explore commerce, objects, publications, headless APIs, blueprints, asset library, fragments and such features. Please explore all this right from the start.
• Not explore benchmarking, performance, compatibility matrix whitepapers. Please explore them before go-live. There are lot of resources under resources section on Liferay.com including case studies, whitepapers and more.
• Not create go-live, integration, deployment diagram, architecture and such documents at the start. Please create go-live, integration, deployment, architecture, design documents from the start.
• Check Glowroot only when you face a problem. Instead, check your Glowroot regularly on weekly basis at least.
• Not size the infrastructure requirements for NAS/SAN for filestore and DR strategy. Please plan your infrastructure requirements in terms of NAS/SAN, servers for Liferay, database, elastic and others like web server before go-live.
• Not doing regular maintenance. Routinely do maintenance of Liferay, database, Elasticsearch, webserver and more by checking logs, JVM, CPU/memory usage, configurations and more.
• Not checking your lighthouse score incase of public websites. Regularly optimize your lighthouse score incase of public facing websites.
• Not have a DevSecOps strategy in place. Please create a CICD pipeline, DevSecOps strategy and implementation with Git style repository to manage things properly.
• Not have an upgrade plan mapped to quarterly release of Liferay. Please have an upgrade plan mapped to quarterly releases of Liferay.