Platform - Technical architecture
2 likes1,394 views
This document provides an overview of the technical architecture for a cloud platform. It discusses various components including source control, continuous integration/build services, artifact storage, deployment services, infrastructure as code, orchestration, configuration/vaults, logging, monitoring, service discovery, load balancing, and platform services. For each component, it outlines relevant features, example solutions, and standards. The overall goal is to provide guidance on architecting a cloud platform that can build, deploy, host, run, and monitor application services.
Platform - Technical architecture
- 2. Hello! I am DAVE I have lots of letters after my name and many years of experience in getting stuff done. You can find me at @d_bones
- 3. Architecture I like how Simon Brown describes this: Vision The process of architecting making (significant) design decisions etc. Structure The definition of something in terms of its components and interactions.
- 4. 4+1 Architecture Today we will look at the physical view, aka deployment architecture.
- 5. Pipelines Quick overview of some pipelines which are associated to the platform. :)
- 7. Development pipeline Simple overview of a build to deployment pipeline. Note that when deployment a compiled artifact, you may deploy this to a number of environments (test, prod, etc).
- 8. Platform 30,000 feet view of a cloud platform. #
- 9. Overview Check out my slides on Principals, as this will play into any decision making. This contains an overview of components to ◇ Build ◇ Deploy ◇ Host / Run ◇ Monitor a set of application services.
- 10. Platform overview From Code -> Running
- 11. Solution Development From code to deploying onto the platform.
- 12. Source Control Centralised location to store your code, with support for master and feature branch development. Features ◇ Webhook support ◇ 3rd party integrations ◇ Code Collaboration ◇ Code Review ◇ Branches ◇ Revision History ◇ Secure (2FA?, encryption etc) ◇ Workflow support Solutions ◇ Bitbucket ◇ Github ◇ VSTS ◇ GitLab ◇ ... https://www.git-tower.com/blog/git-hosting-services-compared/ Standards ◇ Git ◇ Mercurial (HG) ◇ Subversion (SVN)
- 13. Build Service Continuous Integration is key to automate the creation of a build artifact. This artifact will be deployed onto an artifact server such as Docker Hub, NPM etc. Features ◇ Webhook support ◇ 3rd party integrations ◇ OS Support ◇ Stack support ◇ Source Control Branch Support ◇ Build pipelines ◇ Configuration with code ◇ Clean isolated agent ◇ Parallel test running ◇ Build History / Reports ◇ Run locally ◇ Secure ◇ Workflow support Solutions ◇ Bamboo ◇ Jenkins ◇ VSTS Build ◇ Travis CI ◇ AppVeyor ◇ Circle Ci ◇ Drone IO ◇ Shippable ◇ Wercker CI ◇ TeamCity ◇ ... Standards (during build) ◇ Not really, at a pinch ◇ YAML ◇ Docker Component Standards ◇ NPM ◇ Bower ◇ Docker ◇ Maven ◇ Nuget ◇ Gems ◇ ...
- 14. Artifact Store Stores the compiled artifact, which has been tested to a degree. Ready to be consumed directly by the developer / build server (library component) or deployed via the deployment service (application, middleware) Features ◇ Webhook support ◇ 3rd party integrations ◇ Secure (encryption) ◇ Fast network ◇ Store multiple version Solutions ◇ Docker Hub ◇ Quay IO ◇ Nuget ◇ MyGet ◇ NPM ◇ Artifactory ◇ BitBucket (Releases) ◇ GitHub (Releases) ◇ ... Standards ◇ NPM ◇ Bower ◇ Docker ◇ Maven ◇ Nuget ◇ Gems ◇ Zip / Tar ◇ ...
- 15. Deploy Service Automate deploying an artifact to an environment. (This is different to a CI server responsibility) In some cases you may need to automate the creation of a temporary environment (e2e testing) Features ◇ Webhook support ◇ 3rd party integrations ◇ OS Support ◇ Automated deployments ◇ Multiple environment support ◇ Environment definitions ◇ Environment overview ◇ Environment configuration ◇ Approval Workflow support ◇ Scripting ◇ Secure Solutions ◇ Bamboo ◇ Jenkins ◇ VSTS Release ◇ Shippable ◇ BuildMaster ◇ Octopus Deploy ◇ … Standards ◇ WebDeploy ◇ Docker
- 16. Platform Management Creating servers and hosting applications/services.
- 17. IaaS (PaaS*) Creating networks and servers on demand to host your services, with availability and scale sets. Use of particular platform services (remember platform vendor lock in.). Note you can span your platform across more than one IaaS, uses the best parts from any provider. Features ◇ API & Webhook support ◇ 3rd party integrations ◇ OS Support ◇ Bare Metal / Virtual Machines ◇ Networking ◇ Firewalls ◇ VPN ◇ Hardware SSD / RAM / CPU’s ◇ Availability / Scale sets ◇ Multiple Data Centers ◇ Secure Solutions ◇ Azure ◇ AWS ◇ RackSpace ◇ Digital Ocean ◇ Google Cloud Engine ◇ … Interesting solution: operations-management-suite Standards ◇ None?
- 18. IaaS (Provision Scripts) Infrastructure as Code. Provision the Network and Servers, with correctly configured Availability and Scale sets. Note that the servers will be provisioned with the Orchestrators Agents installed onto them. Features ◇ Create Servers ◇ Create Networks Solutions ◇ Terraform ◇ Ansible ◇ Azure Resource Manager ◇ ... Standards ◇ None?
- 19. Orchestrator Coordinates deployment and continuous running of services on the platform (servers). This is basically the hosting platform. Note that these solutions will be used to deliver other parts of the platform components. Features ◇ API & Webhook support ◇ 3rd party integrations ◇ OS Support ◇ SDN - Cross host networking ◇ Multiple environments ◇ High Availability ■ Auto Healing ■ Health Monitoring ◇ Rolling upgrades ◇ Fast startup and shutdown ◇ Scaling services ◇ Service placement ◇ High Density ◇ Hyper convergence (VM’s too) Solutions - Container based ◇ Rancher ◇ Kubernetes ◇ Docker Swarm ◇ … Solutions - alternative ◇ Service Fabric Standards ◇ Docker
- 20. Configuration / Vault A component to securely store application secrets. These can then be accessed during deployment and during the application running. Depending on the component used it will impact the overall solution architecture. Features ◇ API support ◇ 3rd party integrations ◇ Securely store values ◇ Securely store encryption keys Solutions - Value ◇ Hashi Vault ◇ Consul Solutions - HSM Keys ◇ AWS Key Management Service ◇ Azure Key Vault Solutions - Values @ deployment ◇ MS Release ◇ ... Standards ◇ None?
- 21. Service Support Knowing what is going on, so we can re-act accordingly
- 22. Logging Centralised logging service is key to spot and find errors which can occur for a service being hosted on several machines, or for several service on a single machine. Features ◇ API support ◇ 3rd party integrations ◇ Dashboard ◇ Easy Log filtering & sorting ■ By service ■ By host ■ By severity ◇ Store log entry details ◇ Automatically manage storage ◇ Live log feed ◇ Alerts ◇ Collect logs from all your components Solutions ◇ ELK stack ◇ LogEntries ◇ Loggly ◇ ... Standards ◇ Log4Net ◇ Winston
- 23. Monitoring Knowing that our platform is healthy and being alerted immediately when it is not. Gain understanding and trend insight of our services. Interestingly many components will provide partly to this, however we need a central view of our estate, which could be spanning several data centers across several IaaS providers. Features ◇ API support ◇ 3rd party integrations ◇ Dashboards ◇ APM ◇ End user monitoring ■ Mobile ■ Browser ◇ Infrastructure Visibility ◇ Database and Queues monitoring ◇ Application analytics ◇ Alerts Solutions ◇ ELK stack ◇ New Relic ◇ SysDig cloud ◇ DataDog ◇ Dynatrace ◇ Appdynamics ◇ MS Operations management suite ◇ Prometheus ◇ Icinga 2 ◇ StatusPage IO ◇ Pingdom ◇ ... Standards ◇ Stats D ◇ HTTP
- 24. Platform services Services which your application will use directly
- 25. Service Discovery AKA Service Registry. This component is a lookup for all hosted services and their instances. As an orchestrator manages the deployment and running of services, they normally a service discovery solution. Features ◇ API support ◇ Holds the location of all active service instance ◇ High availability Solutions ◇ Etcd ◇ Zoo Keeper ◇ Consul ◇ DNS ◇ Message Broker Solutions - orchestrator ◇ Rancher - DNS (changeable) ◇ Kubernetes - Env Var / DNS ◇ Docker Swarm - DNS ◇ … Standards ◇ DNS http://dbones.github.io/2016/01/service-discovery/
- 26. Load Balancing Requests being shared across multiple instances of a service. As an orchestrator manages the deployment and running of services, they normally include some form of load balancer Features ◇ API support ◇ Holds the location of all active service instance ◇ High availability ◇ Session affinity ◇ Round robin ◇ SSL Termination Solutions ◇ HA Proxy ◇ Nginx ◇ DNS Solutions - orchestrator ◇ Rancher - HA Proxy / DNS / custom ◇ Kubernetes - Kube-Proxy /custom ◇ Docker Swarm internal / custom Standards ◇ DNS ◇ Layer 4 and 7 OSI http://dbones.github.io/2016/01/service-discovery/ https://www.nginx.com/resources/glossary/layer-4-load-balancing/
- 27. Possible setup To the cloud!
- 28. Set your strategy ◇ Confirm your Goals, Principles and Constraints. ◇ Apply basic research to get a candidate list of components (put the logo against each component in the platform diagram). ◇ Note which candidates are tactical or strategic. ◇ Run a number of POC’s and Technology Adoption Processes on the the candidates. ◇ Retrospect on your choices and evolve.
- 29. Example platform
- 30. Thanks! Any questions? You can find me at: ◇ @d_bones ◇ dbones.co.uk
Editor's Notes
- #8: Consider how you achieve blue/green deployments, and apply database migrations.
- #11: This is a generic platform which covers components which are used to devops your solution. Image from dbones.github.io
- #12: pexels
- #16: Recommend not to use a CI for deployment.
- #17: Image from freepik
- #18: Consider PaaS services. But you have to consider what your application architecture is as well. Microsoft Operations-management-suite <- need to understand more.
- #19: Consider PaaS services. But you have to consider what your application architecture is as well.
- #20: Note that these tools cover over section of the landscape. Service Discovery, load balancing etc Take advantage of the SDN.
- #21: Very hard
- #22: Image from pexels
- #24: http://www.riverbed.com/gb/forms/Riverbed-SteelCentral-named-a-challenger-in-Gartners-2015-Magic-Quadrant-for-APM.html?cid=70133000000e6gh&utm_source=google&utm_medium=cpc&utm_campaign=AppInternals&utm_term=Apm&utm_content=Search%20-%20SteelCentral%20-%20APM%20%20-%20EMEA&gclid=COfDtrGXrs8CFeMy0wod8GAJ2Q
- #25: Image from dbones.github.io
- #27: https://freeloadbalancer.com/load-balancing-layer-4-and-layer-7/