Why we Picked CF as the Basis for our Public Cloud Multi-Tenant Platform



Similar documents
Deploy Your First CF App on Azure with Template and Service Broker. Thomas Shao, Rita Zhang, Bin Xia Microsoft Azure Team

Intel IT Cloud Extending OpenStack* IaaS with Cloud Foundry* PaaS

How To Understand The 2013 Cio Agenda For A Cloud Server

IBM Bluemix. The Digital Innovation Platform. Simon

A telecom use case with Cloud Foundry deployment

DevOps. Josh Preston Solutions Architect Stardate

Considerations for Adopting PaaS (Platform as a Service)

Enterprise PaaS Evaluation Guide

Managing Hybrid deployments using Cloud Foundry on Azure

Managing Hybrid deployments using Cloud Foundry on Azure

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

App Orchestration Setup Checklist

OpenStack Introduction. November 4, 2015

Copyright Pivotal Software Inc, of 351

STREAM FRBC

Amazon Elastic Beanstalk

KT ucloud storage. Two Years of Life with OpenStack Swift / Jaesuk Ahn, Cloud OS Dev. Team, Korea Telecom

Oracle Database Cloud Services OGh DBA & Middleware Day

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Migrating SaaS Applications to Windows Azure

Cloud Computing #8 - Datacenter OS. Johan Eker

Securing Virtualization with Check Point and Consolidation with Virtualized Security

Introduction to the Cloud OS Windows Azure Overview Visual Studio Tooling for Windows Azure Scenarios: Dev/Test Web Mobile Hybrid

SUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager Product Marketing Manager

Cloud Models and Platforms

How To Develop An Org Cloud Based Powerware For An Onpremise Cloud Environment

VMware on VMware: Private Cloud Case Study Customer Presentation

Limitations of Managing VMware vsphere with MS System Center Virtual Machine Manager 2012

Clodoaldo Barrera Chief Technical Strategist IBM System Storage. Making a successful transition to Software Defined Storage

How to choose the right PaaS Platform?

CloudCenter Full Lifecycle Management. An application-defined approach to deploying and managing applications in any datacenter or cloud environment

Intel IT s Cloud Journey. Speaker: [speaker name], Intel IT

Deploying Your Application On Public Cloud

Uila Management and Analytics System Installation and Administration Guide

Oracle Public Cloud. Peter Schmidt Principal Sales Consultant Oracle Deutschland BV & CO KG

VMware vrealize Automation

Release Notes for Fuel and Fuel Web Version 3.0.1

CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service

VM-Series Firewall Deployment Tech Note PAN-OS 5.0

Extending your VMware Cloud Infrastructure with a Private Platform-as-a-Service

w w w. u l t i m u m t e c h n o l o g i e s. c o m Infrastructure-as-a-Service on the OpenStack platform

Installation Guide Avi Networks Cloud Application Delivery Platform Integration with Cisco Application Policy Infrastructure

Camilyo APS package by Techno Mango Service Provide Deployment Guide Version 1.0

Copyright 2014, Oracle and/or its affiliates. All rights reserved. 2

Uila SaaS Installation Guide

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP

Red Hat CloudForms : OPENSTACK INFRASTRUCTURE MANAGEMENT. John Hardy Senior Principal Product Manager 24 rd June 2015

Open Source for Cloud Infrastructure

Microsoft Private Cloud

Cost effective methods of test environment management. Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA

Building SaaSApplications on Microsoft Azure. November 2011

IN DETAIL. Smart & Dedicated Servers

Assignment # 1 (Cloud Computing Security)

TestOps: Continuous Integration when infrastructure is the product. Barry Jaspan Senior Architect, Acquia Inc.

Murano User Guide. v0.2. Publication date Abstract. This document is intended for individuals who wish to use Murano Product.

Copyright 2014 Oracle and/or its affiliates. All rights reserved.

RIDE THE SDN AND CLOUD WAVE WITH CONTRAIL

Effective End-to-End Cloud Security

How To Write A Trusted Analytics Platform (Tap)

VMware vrealize Automation

Managed Cloud Services

Web Application Firewall

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

<Insert Picture Here> Enabling Cloud Deployments with Oracle Virtualization

SUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack. Gábor Nyers Sales gnyers@suse.com

How To Fix A Snare Server On A Linux Server On An Ubuntu (Amd64) (Amd86) (For Ubuntu) (Orchestra) (Uniden) (Powerpoint) (Networking

Stackato PaaS Architecture: How it works and why.

From Zero to Secure in 1 Minute

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.

Installing and Configuring vcloud Connector

Windows Server 2012 R2 System Center 2012 R2 in SPLA. Rick Olague, Business Planning STMG Michael Chacon, HSP

Cloud Storage in a PaaS World

Building Multi-Site & Ultra-Large Scale Cloud with Openstack Cascading

VMware vcloud Automation Center 6.1

Automating the Virtual Datacenter. Saša Hederić VMware Systems Engineer SE Europe

VMware ESXi in a Cloud-based Lab David Davis, VCP, VCAP, and vexpert

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

Proposal for Virtual Private Server Provisioning

SUCCESFUL TESTING THE CONTINUOUS DELIVERY PROCESS

Software defined networking. Your path to an agile hybrid cloud network

Cloud-Based dwaf A Real World Deployment Case Study. OWASP 5. April The OWASP Foundation

Table of Contents HOL-PRT-1671

Huawei and Open Source. Industry development department Shi Hao

Cisco Network Services Manager 5.0

Building Clouds with OpenNebula 3.4

F-Secure Messaging Security Gateway. Deployment Guide

PAAS: Demystified. General Terms

Stratusphere Solutions

Setting up your virtual infrastructure using FIWARE Lab Cloud

1.1 SERVICE DESCRIPTION

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC

XpoLog Competitive Comparison Sheet

2) Xen Hypervisor 3) UEC

EMC BACKUP-AS-A-SERVICE

Snare System Version Release Notes

On- Prem MongoDB- as- a- Service Powered by the CumuLogic DBaaS Platform

Cloud Security:Threats & Mitgations

Hadoop on OpenStack Cloud. Dmitry Mescheryakov Software

Transcription:

Why we Picked CF as the Basis for our Public Cloud Multi-Tenant Platform Mike Root @mikersj Jeroen van Rotterdam @jvanrotterdam 1

applications THE ANNOYING Our Stuff is Complex tenants WE ONLY WANT TO BUILD APPLICATIONS 2

THE ANNOYING Our Stuff is Complex Shared Application Micro Services WE ONLY WANT TO BUILD APPLICATIONS 3

TENANT PARTITIONING Acme Supplier Exchange Client acme.emcond.com FooBar Supplier Exchange Client FBPortal.emcond.com Router acme.emcond.com FBPortal.emcond.com : se v16 : se v15 Supplier Exchange v16 Supplier Exchange v15 v15 s Tenant Admin v1 Shared Services V7 Shared Services V7 Shared Services V6 Shared Services V6 xdb Server xdb Server Cassandra Server Cassandra Server SWIFT SWIFT SWIFT xdb cluster (metadata) Cassandra cluster Cloud Blob Store 4

PRODUCTION SETUP Warden Containers CloudFoundry BOSH managed VM s Concurrent Authoring Service Analytics Engine Transformation Services Metadata Service Platform Mgt Console Tenant Mgt Console Supplier Exchange BPM Service Case Management Service Retention Mgt Service Other VM s Windows VM AD/ADFS/vCenter etc HAWQ Pivotal HD Secure Full Text Engine Swift Blob Store ClamAV (virus check) Firestone Authentication CF Service Cassandra CF Service xdb CF Service RabbitMQ 5

NETWORK SEGREGATION BOSH CF Other CF Router DEA CF Services Windows 6

Example CLOUDFOUNDRY BENEFITS BOSH provisions the entire datacenter Repeatable at any time No downtime Cloud Foundry Handles application scalability Tenant (Customer) modifiable URL Upgrade tool Uses the CF API Blue Green upgrade (0 downtime) Dynamically move/configure tenants Promotion process is fully automated Shellshock, OS Security vulnerability 1 We updated the stem-cell (OS) 2 Ran bosh deploy 16 CF environments updated (dev/test/pre-prod/prod) 3 16x30 VM s updated No down time Drank beer (optional) 7

CLOUDFOUNDRY BENEFITS WE DIDN T BUILD ANY OF THIS Monitoring Monitoring VMs Monitoring applications Resource scaling High Availability VM HA Application HA Log collection Health metrics Shellshock, OS Security vulnerability WE ONLY WANT TO BUILD APPLICATIONS 8

SPIFF GENERATION OF BOSH MANIFESTS 16 Deployments managed with auto generated manifests Core templates 16 Instance specific deployments Support for multiple networks Contribute to the community $> spiff merge cf-jobs.yml cf-network.yml vcenter.yml ci.yml dev.yml preprod.yml prod.yml ci_merged.yml dev_merged.yml preprod_merged.yml prod_merged.yml 9

CLOUDFOUNDRY UPGRADE TOOL T0-A1 T0-A4 T1-A1 T2-A1 T3-A1 T5-A1 T4-A1 T3-A2 T0-A2 T0-A3 Tenant - App configuration BLUE GREEN DEPLOYMENT App Blue App Blue App Green NGIS Blue NGIS Green CloudFoundry CloudFoundry API to deploy applications SaaS REST to move/configure tenants e.g. new security rules, enable features etc Old and new versions running in parallel 10

GAPS WE CONQUERED OS hardening; Ubuntu patch version, ssh permissions, file access etc etc Deploying in multiple networks with firewalls CF/BOSH/DEA/Router/Services Spiff not setup for multiple networks Keeping up to date with latest CF release Converting v1 services to v2 services DR setup CF cli is constantly changing, but CF api is more stable We use the API for the upgrade tool Debugging applications in CloudFoundry (step through code) Filesystem options/type for persistent storage (swift) Filesystem size of /tmp is not configurable BOSH builds are more difficult because BOSH doesn t support artifactory as a BLOB store Managing multiple BOSH deployments Log files other than stderr/stdout Collecting them Limited disk space SPIFF manifests are harder to read by a human Spiff diff helps Application needs to report ready before ready for large application Router networking resources exhausted keep-alive disabled CF staging blobs not cleaned up properly CF routes not cleaned up properly WE ONLY WANT TO BUILD APPLICATIONS 11

CONTRIBUTIONS TO CLOUNDFOUNDRY Bosh releases ClamAV First EMC Contribution to CF.org SWIFT HA Proxy Deployment VM BOSH CLI CF CLI User management ability Cassandra as a CF Service Zabbix Agent (open source monitoring tool) Network yml Service Brokers Cassandra xdb WE ONLY WANT TO BUILD APPLICATIONS 12

PROMOTION PROCESS CI SaaS Continuous Deployment Process DEV Validation Build #806 Build #805 Build Build #803 Build #802 QE Validation Functional Test L10N/I18N Test 6 hours Performance Validation Performance Test Longevity Test 12 hours Integration Validation Integration Test Upgrade Validation 30 minutes Upgrade Test Pre-Prod Validation Environment Test 28 mins Production Datacenter 1 Datacenter 2 Datacenter 3 Datacenter 4 Cloud Foundry Cloud Foundry Cloud Foundry Cloud Foundry Cloud Foundry Cloud Foundry Cloud Foundry 1 2 3 4 5 6 7-8 Upgrade Tool / BOSH: Configuration Management, Orchestration 13

DEPLOYMENT HISTORY 8 BOSH upgrades 2 CloudFoundry upgrades 22 upgrades of 3 applications 1 stemcell upgrade 29 releases in 37 weeks since GA GA 14

Q & A NOT THAT WE HAVE TIME FOR THIS 15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information