architecture & operations

© Copyright 2014 Pivotal. All rights reserved.

Pivotal Cloud Platform Deep DivePart 2: Architecture and The Operator ExperienceSani Chabi [email protected]

1

Keith [email protected] @keithresar

mailto:[email protected]?subject=






Architecture and the Operator Experience• Pivotal Cloud Foundry Architecture

• Structured Platform for Cloud Native Apps • One Click CenturyLink Ops Manager and CenturyLink

Dashboard• The Operator Experience


Moore’s Law Of Applications The Good Old Days

– 3 applications– Physical Servers + Scripts

Present Day– 300+ applications– IAAS + CAPS

The Future– 30,000 applications– ?

PROBLEM SPACE


Plus…

And many more….


Operation agility as the secret sauce

© Copyright 2014 Pivotal. All rights reserved. 6

A STRUCTURE PLATFORM

• Self-service provisioning with RBA• Many Touch points to ONE Platform• Configuration changes• Updates/upgrades• Remediation• Scale out/Scale in• Immutable environment

Amend

(Re)deploy

(Re)configure

(Re)connect

Monitor

Current State Desired

State


2 Key Components to Pivotal Cloud Foundry

Ops Manager/ Operations Manager: A web application that you use to deploy and manage a Pivotal Cloud Foundry PaaS

Elastic Runtime: The set of core Cloud Foundry services that are installed, upgraded and scaled via Ops Manager


Loggregator DEA Pool

Router Cloud Controller

BOSH Director BOSH Agent

UAA/Login Servers Health Manager

Service Broker Node(s)

Messaging (NATS)

IaaS

Cloud Foundry Architecture Stack


Pivotal CF deployment on CenturyLink Cloud


Demo

© Copyright 2014 Pivotal. All rights reserved.© Copyright 2014 Pivotal. All rights reserved.

What’s on Pivotal Cloud Foundry for an operator?

24


Pivotal Cloud Foundry operations

Developer Operator


Install runtime and container

Deploy to dev



Install services (db, messaging, hadoop, …)

Deploy to dev




Setup load-balancing, SSL termination and dynamic routing

Deploy to dev



Setup load-balancing, SSL termination and dynamic routing

Setup / config High Availability

Deploy to dev




Setup load-balancing, SSL termination and dynamic routingSetup / config High Availability

Setup APM

Deploy to dev





Setup APM

Setup log streaming

Deploy to dev





Setup APM

Setup log streaming

Deploy to dev

App Deployed





Setup load-balancing and dynamic routing


Setup APM

Setup log streaming

Deploy to dev

Deploy to Test

Deploy to QA

Promote to production

Scale up

Update app

Scale down

Redeploy

Unbind service

Bind service

Restart server

Change route

Scale Platform

Create service

Delete App

Blue-green deployment

Check logsscale memory

Update app server

Change JDK

Upgrade app




Setup load-balancing and dynamic routing


Setup APM

Setup log streaming

Deploy to dev

Deploy to Test

Deploy to QA

Promote to production

Scale up

Update app

Scale down

Redeploy

Unbind service

Bind service

Restart server

Change route

Scale Platform

Create service

Delete App

Blue-green deployment

Check logsEscale memory

Update app server

Change JDK

Upgrade app


Deploy to dev

The Pivotal CF way


Deploy to dev

> cf pushCloud

ControllerHealth

Manager

NATS(message

bus)

RouterApp Deployed

The Pivotal CF way


Operator Concerns Monitor the

platformHandle upgrades and updates

Plan capacity

Manage users Quotas and services

Setup High Availability


Orgs, Spaces, Users and Quotas


Self-service with RBACSOLUTION SPACE

PIVOTAL CLOUD FOUNDRY

IMMUTABLE SELF-SERVICE PROVISIONING PLATFORM

RBAC• Organization, User role, Space• New environment in seconds• SSO with your existing IP (AD,

LDAP, SAML2)

ADMIN CONTROLS• Set limits on Key resources• Set Quotas per Orgs.• Fine grained control to restrict

inbound/outbound traffic.

MARKETPLACE• Self-provisioning on services (Data

Services, mobiles services, etc.)• PCF Managed and 3rd party

provided services


What about my legacy services?


SOLUTION SPACE


Service Broker options

Service Broker

Service Broker

Service Broker

IBM DB2ORACLE DB

MongoLab

Send Grid

AppDirect

ClearDB

INTE

RN

ETSynchronous

ORACLE DB

SOLUTION SPACE


Demo


Operator Concerns

Monitor the platform

Handle upgrades and updates

Plan capacity




Provision services, not machinesEnables continuous delivery

Cloud-agnostic view of Platform Ops

Holistic Toolchain for “rule them all"

Eliminate bespoke automation on top of config management

Why BOSH


The BOSH Architecture

Very similar to CF architecture itself

Director as analogy to Cloud ControllerDifferent CPIs exist per IaaS implementationWorkers responsible for executing tasks as dictated by Director


How about and CF?

47


IaaS


Mobile Servicesfor Pivotal CF

ElasticSearch for Pivotal CF

CloudBees JenkinsEnterprise

Cassandrafor Pivotal CF


IaaS






Click to installNo downtime updatesExplore install logs

Click to scale the platform

Built-in High Availability

Built-in Platform Monitoring

Integrated services


IaaS






BOSH releases

CF


PCF – Each Layer Upgradable with Zero Downtime

runtime layer

OS image

application layer

PCF Buildpack Apps

linux host & kernel

App container

PCF Supported

Dev Supported

Ops Supported

• Platform Provided• CVEs addressed by

Pivotal• Canary-style, zero-

downtime upgrades

• Platform or Developer Provided

• CVEs addressed by Pivotal (for Platform Provided)

• Blue/Green deployments

• Developer/App team provided

• Blue/Green deployments


Demo: How long does it take you to deploy a patch in production?

Demo


Operator Concerns



Plan capacity

Manage users quotas and services



Platform Monitoring

How do I know when to scale DEAs?How many requests each Router is servicing?

What is the current load of my Cloud Controllers?


Platform Monitoring

Collector

JMX Provider

JMX Monitoring Tool


Monitoring in Pivotal Cloud Foundry

APPLICATIONS

• CLI: cf logs <appname>• Apps Manager• ELK tile• RBAC

PLATFORM

• SYSLOG Endpoint• Configuration via Ops

Manager• Logs Search & Persistence

such as ELK• Only accessible by Admins

• Collector Component with plugins for JMX and Datadog

• Ops Metrics tile • Firehose

M

ETRI

CS • Agentless APM• APM Integrations through

buildpacks

LOGS


Operator Concerns



Plan capacity




4 Layers of built-in High Availability

Application Instance

Platform Processes

Platform VMs

Availability Zones




Platform Processes

Platform VMs

Availability Zones


App Instance HA

Blobstore

Rou

ter

Cloud Controller

DEA

Messaging (NATS)

DEA DEA

Runtime

Health Manager

Actual State

Cloud Foundry




Platform Processes

Platform VMs

Availability Zones


63

Platform Processes HA

Blobstore

BOSH

Health Monitor

DB

Messaging

Health Manager

Target VM

Cloud Controller

BOSH Director

NATS

Agent

Agent

Agent

Process

Process

Process

Pivotal CFDEA

Agent Process


Platform Processes HA

Target VMCloud Controller

Agent ProcessRestart




Platform Processes

Platform VMs

Availability Zones


66

Platform VMs HA

Blobstore

BOSH

Health Monitor

DB

Messaging

Health Manager BOSH Director

NATS Agent

Agent

Cloud ControllerAgent Process

Process

Process

Pivotal CFCloud Controller

Agent Process

Ressurector

Re-create VM

VM is missing…




Platform Processes

Platform VMs

Availability Zones


Availability Zone #2

68

Availability Zones

DEA

DEA

DEA

R

oute

r Blobstore

Cloud Controller

Health Manager

Messaging (NATS)

Push app

Availability Zone #1

DEA

DEA


Operator Concerns



Plan capacity




Virtualized Infrastructure

Infrastructure-centric Operations model

Your Application Code

Dat

abas

e

Web

S

erve

r

Mes

sagi

ng

IaaS+ (+automation) IT Ops Team

App Team(Dev and Ops)

SOLUTION SPACE


Application-centric Operation model



Dat

abas

e

Web

S

erve

r

Mes

sagi

ng

IaaS+ (+automation)

IT Ops Team

App Team


PAAS


PaaS Ops Team

App Team(Dev and Ops)

Emits application “dial tone”• Configuration• Runtime• Logs• Metrics• Health Management• Security

SOLUTION SPACE


THANK YOU!See you after the break!

82

architecture & operations

Technology