Expand Cloud Foundry for the Enterprise
Download as PPTX, PDF1 like592 views
The document outlines Comcast's approach to expanding Cloud Foundry for enterprise use, detailing various services, isolation challenges, and management solutions. It highlights the importance of compliance, monitoring, and operational strategies within a multi-tenant environment. Key success factors include education, attack surface reduction, and standardized application filtering.
![Copyright 2017 Comcast
BYOU
9
// Command Line
cf create-service c-byou shared my-byou -c
payload.json
// payload.json
{
"privateFQDN": ["my-app.site1.example.com", "my-
app.site2.example.com"],
"publicFQDN": "my-app.example.com",
"owner": "app-owner-ntid",
"description": "Requested by app-owner-name“,
"cert" :{
… CERT DETAILS …
}
}
// Command Line
cf create-service c-gslb shared my-gslb -c
payload.json
// payload.json
{
"publicFQDN": "my-app-name.example.com",
"gslb": "my-app-name.g.example.com",
"health": "/health"
}
GSLBaaS](https://image.slidesharecdn.com/expandcloudfoundryfortheenterprise-171214005915/85/Expand-Cloud-Foundry-for-the-Enterprise-8-320.jpg)
Expand Cloud Foundry for the Enterprise
- 1. Expand Cloud Foundry for the Enterprise By Tim Leong Cloud Architect, Comcast @PhillyTJL 1
- 2. Copyright 2017 Comcast 3 Enterprise Cloud
- 3. Copyright 2017 Comcast Quick Facts 4 Foundations 2017201620152014 Developers 1,500+ 2014 2017 8,300 19,000 Apps AIs Applications Transactions AWS AWS AWS 25 k / second 1.5 bn / day
- 4. Copyright 2017 Comcast Enterprise Starter Pack 5 DR change control monitoring security/compliance backups
- 5. Isolation
- 6. Copyright 2017 Comcast Isolation Challenges 7 • Applications: Single Site Only • Data: Shared Data, Data Replication • Operators: Management / Consistency
- 7. Copyright 2017 Comcast App Redundancy: BYOU and GSLB • Marketplace Service for GSLB • Custom URLs • Health-check and Automated Failover • Custom URLs and Certificates 8 cf create- service BYOU cf create- service GSLB West PCF East PCF app.site1.com app.site2.com app.site.com app.site.com gslb
- 8. Copyright 2017 Comcast BYOU 9 // Command Line cf create-service c-byou shared my-byou -c payload.json // payload.json { "privateFQDN": ["my-app.site1.example.com", "my- app.site2.example.com"], "publicFQDN": "my-app.example.com", "owner": "app-owner-ntid", "description": "Requested by app-owner-name“, "cert" :{ … CERT DETAILS … } } // Command Line cf create-service c-gslb shared my-gslb -c payload.json // payload.json { "publicFQDN": "my-app-name.example.com", "gslb": "my-app-name.g.example.com", "health": "/health" } GSLBaaS
- 9. Copyright 2017 Comcast Isolation Challenges Persistence • Resilient Data = BYO • Sharing Data Across Sites = BYO • Solution = TBD • Docker Based Container Orchestration (talk to us) Management Plane • CI/CD for CF Operators 11
- 10. Copyright 2017 Comcast Enterprise Starter Pack 12 DR change control monitoring security/compliance backups
- 12. Copyright 2017 Comcast Compliance Challenges 14 • Multi-tenant Policy Enforcement • Forensic Analysis on Dynamic IPs • “What’s a PaaS?”-------- -------- --------
- 13. Copyright 2017 Comcast Success Factors 15 • Education • Reduce Attack Surface • Don’t mix and match • Application based Filtering • PCF Add-Ons • Logging / Auditing • PCF Documentation -------- -------- --------
- 14. Copyright 2017 Comcast Enterprise Starter Pack 16 DR change control monitoring security/compliance backups
- 16. Copyright 2017 Comcast Monitoring Challenges 18 • Total Stack KPI (App, Platform, Infrastructure) • Status, Notification, Events, Trends • Transparency • Modular • OpenSource Only
- 17. Copyright 2017 Comcast 19 git -- Available on github.com/comcast Open Source PCF Commercial Collection/ Alerting Metrics DBData Refinement Cloud Foundry Telegraf AgentsJMX Bridge EVENTS TRENDINGNOTIFICATION System Metrics BOSH telegraf buildpack CC API CF Metrics App Metrics VROPS Infra. Metrics STATUS staytus.co slack.com alerta.io grafana.com BOSH Config git git
- 18. Copyright 2017 Comcast 20
- 19. Copyright 2017 Comcast 21
- 20. Copyright 2017 Comcast 22
- 21. Copyright 2017 Comcast Enterprise Starter Pack 23 DR change control monitoring security/compliance backups
- 22. Copyright 2017 Comcast 24
- 23. Learn More. Stay Connected. 25 #springone@s1p How Comcast Embraced Open Nithya Ruff & Shilla Saebi Wed 17:40 | Room 2010 Comcast Booth @ The Hub * Platform Operators * * Application Owners * * Open Source Promoters * * Recruiting * Keynote Panel with Comcast Greg Otto Thursday 09:35
Editor's Notes
- #2: Hello all, thanks for coming to my talk. My name is Tim Leong, and I’m a Cloud Architect for Comcast….
- #3: Comcast is the largest Cable TV and Broadband internet provider in the country We have a lot of products and have now expanded into Mobile And all of the things you see here are, in some way, interacting with Cloud Foundry…
- #4: Enterprise wants to be more cloud My job + Pivotal’s job = allow clould to be more friendly to enterprises How have we done this
- #5: Our Cloud foundry presence at Comcast has seen explosive growth. We are 19K instances strong across over a dozen foundations All of which process 25k transactions per second, or 1.5 billion a day. So, CF at this Enterprise has been super successful. But it wasn’t automatic, and didn’t happen out of the box. We had to make some adjustments which I will talk about today…
- #6: Pivotal’s main purpose = bring enterprise to cloud
- #14: As we take on more workloads, some want the advanta