Redefining Perspectives edition 12 and 13 session 2
0 likes317 views
The document outlines a thought leadership forum discussing lessons learned from real-life cloud computing implementations, presented by technologists Vibhor Mathur and Shivam Kumar. It details key challenges in migrating complex applications from on-premise to the cloud, including security, performance, integration with existing infrastructure, and operational considerations. The document emphasizes strategic planning for cloud deployment, addressing potential infrastructure issues, and adopting a hybrid cloud model for variable compute needs.
Redefining Perspectives edition 12 and 13 session 2
- 1. Redefining Perspectives A thought leadership forum for technologists interested in defining a new future
- 2. Session 2 Lessons from Real Life Cloud Computing Implementations
- 3. Vibhor Mathur Senior Specialist – Technology Sapient Global Markets (India) Vibhor has more than 14 years of experience in designing and developing complex business critical applications primarily using C++ / VC++ technologies He has a strong hold on the Trading and Risk Management domain, specifically in the areas of trade life cycle management and handling of OTC (Over the Counter) trades
- 4. Shivam Kumar Specialist – Technology Sapient Global Markets (India) Shivam has over 9 years of experience in software design and development. He specializes in performance and scalability of applications He has developed various systems using platform and technologies like compute grids, Hadoop and Cloud Computing to achieve scalability. He has co-authored in- house compute grids and elastic servers
- 5. CLOUD COMPUTING: LESSONS FROM REAL LIFE IMPLEMENTATIONS Vibhor Mathur and Shivam Kumar May 2014
- 6. What We’ll Cover Share a perspective on the challenges faced and lessons learnt from real life experiences of working on cloud based implementations Porting a complex app from on-premise to cloud 1 Integrating a cloud application with on- premise infrastructure 2 © COPYRIGHT 2014 SAPIENT CORPORATION
- 7. Porting a Complex Application from On-premise to Cloud
- 8. We’ll Focus on… • Solution Layout • Security • Performance • Platform Availability • Operations
- 9. CMRS | Application Context 9 TRADING FIRM TRADING SYSTEM 1 TRADING SYSTEM 2 TRADING SYSTEM 3 TRADING REPOSITORY (e.g. DTCC) CMRS (Sapient) © COPYRIGHT 2014 SAPIENT CORPORATION
- 10. CMRS | Deployment on Cloud © COPYRIGHT 2014 SAPIENT CORPORATION
- 11. • Hardware Based Limitations – e.g. use of MQ Porting from On-premise to Cloud (1/2) MQ SERVER 1 MQ SERVER 2 MQ RECEIVER CMRS ON PREMISE TRADING REPOSITORY DEDICATED NETWORK Interfacing with external entities needs to be thought through across the following dimensions: © COPYRIGHT 2014 SAPIENT CORPORATION
- 12. TRADING REPOSITORY Porting from On-premise to Cloud (1/2) SFTP SERVER 1 SFTP SERVER 2 SFTP RECEIVER CMRS ON CLOUD Cloud Service Interfacing with external entities needs to be thought through across the following dimensions: © COPYRIGHT 2014 SAPIENT CORPORATION • Hardware Based Limitations – e.g. use of MQ INTERNET
- 13. TRADING REPOSITORY Porting from On-premise to Cloud (1/2) SFTP SERVER 1 SFTP SERVER 2 SFTP RECEIVER CMRS ON CLOUD Cloud Service Interfacing with external entities needs to be thought through across the following dimensions: © COPYRIGHT 2014 SAPIENT CORPORATION INTERNET • Hardware Based Limitations – e.g. use of MQ • Static IP Address Limitation PUBLIC PRIVATE
- 14. Porting from On-premise to Cloud (2/2) Partner with the cloud platform vendor to establish the architecture • Deployment Design – e.g. use of availability sets • Security – e.g. use of access control lists • Software license usage – e.g. optimizing the use of BizTalk licenses © COPYRIGHT 2014 SAPIENT CORPORATION
- 15. Security in Cloud 15 Data in Transit • Transmission over sFTP Data at Rest • Data Encryption • Disable Copy over RDP Environment • Access Control Lists (ACLs) • Site to Site VPN Tunnel • Penetration Testing • Intrusion Detection Governance • Processes • Audits © COPYRIGHT 2014 SAPIENT CORPORATION
- 16. Plan for Performance Related Changes 0 5 10 15 20 25 30 35 40 45 1 2 3 4 5 6 7 8 9 10 Throughput(msgs/sec) Iterations On Cloud On Premise • Performance of the application cannot be assumed to be same as on premise • Key physical characteristics of the cloud platform • IOPS of the system drive – e.g. system drives are read optimized by default • Potential deployment re-engineering • Distribution of key database files across disks © COPYRIGHT 2014 SAPIENT CORPORATION
- 17. Platform (Un)Availability – Assume Things will go Wrong Event Possible Mitigation Scheduled Outages Processes / Standard Operating Procedures Unscheduled Outages Processes + Deployment Design Human Error Processes + Governance © COPYRIGHT 2014 SAPIENT CORPORATION
- 18. • Infrastructure Management • Patching, anti-virus updates • Monitoring • Service Level Agreements • Understanding the SLAs of all the players including the cloud platform provider • SLAs we offer has a significant impact on the cost e.g – 24x7 vs 16x5 support model • Costs • Infrastructure cost – architecture choices has a major impact • Supporting the platform – people cost could be substantially higher Operating a Cloud Based SaaS Platform © COPYRIGHT 2014 SAPIENT CORPORATION
- 19. Integrating a Cloud App with On-premise Infrastructure
- 20. We’ll Focus on… • Introduction to Risk Calculator • Motivators for Moving to Cloud • Application Topology • Demo – Key Features • Auto Scaling • Integration with Enterprises Services We’ll focus on… © COPYRIGHT 2014 SAPIENT CORPORATION
- 21. • Risk Calculator finds out risk scores of Mortgage Backed Securities (MBS) • Large number of MBS securities. • Characteristics • Highly CPU intensive process • Irregular usage pattern Introduction to Risk Calculator Portfolio Manager Risk Calculator Client Logging Service Application Monitor Application Support Team Server Server Server Server © COPYRIGHT 2014 SAPIENT CORPORATION
- 22. Why move Risk Calculator to Cloud • Scale-on-Demand: Cloud allows risk calculator to add computing power when needed • No Initial Investment: on procuring infrastructure that is not fully utilized • Reduced Maintenance Overheads: maintenance for components unsupported by the enterprise can be outsourced to the cloud © COPYRIGHT 2014 SAPIENT CORPORATION
- 23. Application Topology on Cloud EC2 Server Server Server Server Risk Calculator Client Request Queue (SQS) Response Queue (SQS) ENTERPRISE Elastic Cache Simple Storage Service (S3) © COPYRIGHT 2014 SAPIENT CORPORATION
- 24. ENTERPRISE EC2 Server Server Server Server Risk Calculator Client Request Queue (SQS) Response Queue (SQS) Elastic Cache Simple Storage Service (S3) Auto Scaler Server Server Auto Scaling © COPYRIGHT 2014 SAPIENT CORPORATION
- 25. Enterprise Integration EC2 Server Server Server Server Risk Calculator Client Request Queue (SQS) Response Queue (SQS) ENTERPRISE Elastic Cache Simple Storage Service (S3) Auto Scaler Server Server Logging Service Application Monitor Reverse Tunnel Apache HTTPD Reverse Proxy © COPYRIGHT 2014 SAPIENT CORPORATION
- 26. ENTERPRISE Credentials Management Credentials Store Credential Service Risk Calculator Auto Scaler Enterprise Authentication Server Identity and Access Management (IAM) © COPYRIGHT 2014 SAPIENT CORPORATION
- 28. Lessons Learnt 1. Porting an On-premise Application to Cloud • Design the solution considering cloud constraints e.g. dependency on hardware • Running a SaaS platform is a different ball game e.g. Cost Management, SLA Management • Cost is not a differentiator - go with a vendor who is willing to partner © COPYRIGHT 2014 SAPIENT CORPORATION
- 29. Lessons Learnt 2. Integrating an Application on Cloud with On-premise Infrastructure • Use hybrid cloud model where the need for compute power is extremely variable • Integrating with enterprise services will be needed – design for it upfront • Integrating from cloud into the enterprise is not trivial e.g. security perception © COPYRIGHT 2014 SAPIENT CORPORATION
- 30. Thank You