systems on the edge - your stepping stones into oracle public paas cloud - amis25 beyond the horizon...

Lucas Jellema

AMIS25 - The Netherlands, 2 & 3 June 2016

Systems on the Edge—Your Stepping Stones into Oracle Public Cloud and the PaaS Platform

3

The Cloud

4

Three perspectives

The Cloud

IaaS/PaaS- Quick provisioning of

environments- No investment upfront- Pay per use- No ramp up time (wait for

iron, …)- Scalable- Available- Temporary/ Peak handling- Secure

SaaS- Plug & Play (turn key)- No need for on premises IT

infrastructure nor staff- Global Accessibility- Functionality only available

from the cloud Enterprise

5

Three perspectives: “the world outside”

The Cloud

SaaSSaaS

SaaS

Enterprise

Enterprise Database

ERP

Core Business

Application

Enterprise Documents

B2C

B2B

A2A

6

Three perspectives: “the world outside”

The Cloud

SaaSSaaS

SaaS

Enterprise

Enterprise Database

ERP

Core Business

Application


B2C

B2B

A2A

Open Up:• Web Portal• Mobile App• APIs/Services• Push Notifications• Data & Document

Exchange

Concerns:• Security• Load/Scale• Availability• People and Means

7

Scenario:Data API Portal

• Company is major player in logistics• Direct dealings with up to 100 major players

in shipping and customs• Direct and indirect dealings with

10K smaller stakeholders• (Near) real-time data on planning and actual whereabouts is very relevant

– Improving service levels to main customers (amidst growing competition)– Increase efficiency for external parties as well as for the company itself– Offering data will be a bargaining chip to also receive more data– Providing business value to direct and indirect stakeholders – which may directly

bring in money or will indirectly increase attractiveness • Volumes

– 10-100Ks messages per day• Requirements

– Minimal load on existing backend systems and IT staff– Self service administration performed by external data ‘governors’

8

Data API Portal

Enterprise Database (Oracle)


10K stakeholders

100 directly involved parties & data owners

Enterprise Backoffice

.NET SOAP web

services

.NET SOAP web

services

Mobile App

Mobile AppMobile

App

Data ApiWeb Portal

Web Portal

Data Api

Data Api

Push Subscription

Push Subscription

Payment Service Provider

user management &

API and Data Set authorization

Handle billing for Data Services

9

Planned Architecture




.NET SOAP web

services

.NET SOAP web

services

Mobile App

Mobile AppMobile

App

Data Api

Data Api

Data Api

Push Subscription

Push Subscription

iPaaS/mBaaS

APIs

Requirements:- Secure – authenticated, authorized data access, DoS protection, TLS, …- Scalable, Available, Off-loading from back-office systems (Caching)- Monitoring, Analytics, Reporting, Throttling- Webshop-like Data API Portal

10K stakeholders


Web Portal

Web Portal


10

Mapping Oracle PaaS Services to Data API Portal



10K stakeholders



.NET SOAP web

services

.NET SOAP web

services

Mobile App

Mobile AppMobile

App

Data ApiData Api

Data Api

Push Subscription

Push Subscription

MCS


Idm CS

APICS

MsgCS

ICS

PCS

APIs, analytics, storage, user

mgt, locations, MAX

Web Portal

Web Portal

AB CSJET on ACCS

11

Mapping Oracle PaaS Services to Data API Portal



10K stakeholders



.NET SOAP web

services

.NET SOAP web

services

THE EDGE

12

Edge Systems

• What are edge systems?– Systems accessed by parties (people

or systems) from outside the enterprise • Typical characteristics

– Visible to business partners & the general public– Interactions initiated externally – large numbers of

unknown individuals/devices/systems• External entities accessing systems

– Uses data only indirectly (does not store data)• Except application specific data (user preferences)

and perhaps for caching reasons

Enterprise

DMZ

Enterprise Database

ERP

ESB

Core Business

Application


X

Z

Y

Q

API Gateway

13

Edge Systems

• Typical Challenges– High availability requirements– Scalability/volume/peaks

• License consequences

– Latency– Security: potentially large numbers of fairly

unknown parties accessing the enterprise realm– Short time to market– Provisioning environments and network

configuration (timely) • linking up with many parties that

are external to the enterprise

Enterprise

DMZ

Document Exchange

Website & Portal

CX

B2B API

3rd Party Workflow

IoT data drop-off

Mobile APIs

API Gateway

Enterprise Database

ERP

ESB

Core Business

Application


X

Z

Y

Q

14

Edge Systems moving towards the cloud

Enterprise

DMZ

Document Exchange

Website & Portal

CX

B2B API

3rd Party Workflow

IoT data drop-off

Mobile APIs

API Gateway

Enterprise Database

ERP

ESB

Core Business

Application


15

Edge Systems moving towards the cloud

Enterprise

DMZAPI

Gateway

Enterprise Database

ERP

ESB

Core Business

Application


Document Exchange

Website & Portal

CX

B2B API

3rd Party Workflow

IoT data drop-off

Mobile APIs

16

Edge Systems moving towards the Oracle Public Cloud

Enterprise

DMZAPI

Gateway

Enterprise Database

ERP

ESB

Core Business

Application


Doc CS

Sites & JCS & Portal

CX

ICS & SOA CS

PCS

IoT, Node.JS

MCS

17

How cloud addresses challenges for edge systems

• High availability requirements– Web Scale operations– Multi-site (region)

• Scalability/volume/peaks– Dynamic, rapid, on-demand upscaling/downscaling– Pay per use, no upfront investment, No High Watermark licensing

• Latency– Multi Data Center topology, Distributed Content Delivery

• Security: potentially large numbers of fairly unknown parties accessing the enterprise realm– Relocation of the DMZ to the cloud– The only interaction with the enterprise realm is by well-known cloud based systems

– not by many third parties– Web Scale security measures

• Provisioning environments and network configuration– Out of the box, click-next-finish, minutes to completion

18

Edge on Cloud <=> On Premises integration challenges

• Data Pipe– Two way (cloud enterprise)– Synchronous & Asynchronous (event push)– Secure– Approach: SSH or even VPN channel, API Gateway in DMZ, local agent on

premises, leverage message cloud (aysnchronous push and pull)• Data Cache (refresh) & Data Replication• Identity Management – replication of identities & roles• UI Integration

– “mash up” and deeplink navigation– Session sharing and Single Sign On– consolidated search and menu– style & web content synchronization

• Software Delivery – (no more challenging

than on premises)

Enterprise

DMZ

19

Case:Monthly Reporting obligation

20

Case:Monthly Reporting obligation

• Financial institution is faced with the requirement to monthly report events and status to a dozen stakeholders such as government agencies– Each stakeholder receives a customized report

• The challenge: how to deliver the report– Given functional and non-functional requirements

• Options– On paper– Email attachment– (S)FTP server– Read only secure web site– …

• Requirements– Electronic, On line– Archive/history– Searchable– Multi-format

Enterprise

Enterprise Database

Core Business

Application


Report Generator

sftp

web site

email

paper mail

IAM

21

Case: Monthly Reporting obligation

Business Partners, Government Agencies and other stakeholders

Document Cloud

Service

Enterprise

Enterprise Database

Core Business

Application


Report Generatorupload through APIIdentity Cloud

Service

Doc History & ArchiveSearch

Mobile AccessSecure

Access Audit trailSocial integration

Format conversion

22

Mobility

23

Case: Mobile App for veterinarians

Enterprise

Service Bus

SOA Composite

3rd party case mgt

Mobile Veterinarian

Enterprise Database

Core Business

Application


B2B Partners

3rd party ERP

Portal

SOAP2REST

SOAP RESTXML JSON

Some Concerns: • Volume• Security• API unfriendliness• Development &

maintenance effort• Monitoring &

Analytics

24

Case: Mobile App for veterinarians

Enterprise

Service Bus

SOA Composite

3rd party case mgt

Mobile Veterinarian

Enterprise Database

Core Business

Application


3rd party ERP

Portal

Mobile

ICS | SOA CS

B2B Partners

APIconnect

pushanalytics

usermgt

32

Case: the ultimate digital user experience

33


• Pension Fund with high ambitions– Themes: Digital, self service, 24/7, paperless, STP , Google fast and Apple friendly– User benefits: higher quality and faster (even pro active) response, great experience– Business benefits: cost reduction, competitive position, new services, agile: quick time

to market• Portal and Customer Experience are crucial in this strategy

– Multiple user groups (employees, employers, financial consultants, …– Multiple brands– Both public (web site) and personal (authenticated portal)– Strong integration with back end enterprise systems– Easy web content management (dialogs, documents, FAQ/knowledge, events& news)– End to end “interaction & process analytics”– Security and compliancy regulations– Multi-channel strategy: portal and B2B are main channels – but not the only ones

(telephone, chat, social, email and for now paper based mail); perhaps mobile as well• Traditionally, most applications are custom built with Oracle technology and

deployed on-premises

34


WebCenter Portal

Service Cloud

Mobile

Document Cloud

Service

SOA CS

Message CS

Enterprise

IAM

API Gateway

VPN

Service Bus

SOA Composite

BAM

Cloud Events

BPMVarious End User Groups

Enterprise Database

Core Business

Application


CRM

B2B Partners

35

The first step in the Case of the ultimate digital user experience

Service Cloud

Enterprise

IAM

VPN

Service Bus

SOA Composite

BAM

BPM

Various End User Groups

Enterprise Database

Core Business

Application


CRM

B2B Partners

WebCenter Portal

WebCenter Content

Service Bus

Multi-Channel• Telephone• Chat• Email• Portal

Call Center App

36

Case: IoT

37

Case: IoT

• Collect physical measurements and signals from the real world in real time– Security Sensors, Traffic Flow Signals,

Biomedical Measurements, Weather Conditions, Earth-Movement-Registration, Logistics Recordings,

• Gather, Filter, Analyze, Process signals to data, information and findings

• Challenges:– Availability – real time, 24/7, quick reaction required (sometimes, but very quick)– Accessibility (from many different locations, many outside enterprise reach)– Volume (and real time peak capacity)– Latency (local data drop-off points and decentralized initial processing)

• Conditions– Limited (initial) enrichment– Eventual hand-over of findings to enterprise infrastructure and systems

38

Case IoT

IoT

Node.JS

Mobile

ICS

SOA CS

Message CS

Enterprise

Agent

API Gateway

VPN

Service Bus

SOA Composite

BAMCloud Events

Stream Explorer

High volume IoT signals

BI CS

39How to get going with an Edge System on the cloud

Enterprise

40

Oracle Public CloudTerminology

Identity Domain

DBaaS JCS HCM

Oracle Public Cloud Services

Account

Data Center (Region)

Service

Service Association

Users & Roles

Oracle (OTN)

Account

AccessPrivilege

Identity Domain

JCS SalesICS

41

How to get going with an Edge System on the cloud

• Create an Oracle Public Cloud account + Identity Domain• Subscribe to relevant Cloud Services• Manage users within identity domain

– assign service access privileges

42


• Provision instances of services (where relevant)– Such as DBaaS, JCS, SOA CS, Messaging

43

Oracle Cloud My HomeServices Console

https://myservices.us2.oraclecloud.com/mycloud/faces/dashboard.jspx

44


• Perform development – Locally (for most cloud services) – SQL Developer, JDeveloper, your favorite editor– ICS, PCS, ABCS and MCS have development through the browser in the cloud– Optionally use the Developer Cloud Service to organize (distributed) development

• Implement automated build and deployment to the cloud (Cloud targeted CD), possibly using Oracle Developer Cloud Service

• All testing is done in the cloud– unit test, system integration test, acceptance test, automated regression test

45


• Implement the bridge between (API calls, navigate/deeplink, UI mash up)– the various cloud services– the final cloud services and the on-premises systems– Also: network configuration to support the bridge

• Arrange for user friendly URLs – for end user User Interface systems• Implement Identity & Access Management for internal and external users

– Integrate with on-premises IAM systems (replicate to cloud?)– Single Sign On across cloud and from on premises to cloud

• Set up Cloud Ops – Operations for the cloud based systems & flows – Oracle Management Cloud

46

Summary

• Do not ask: how to get to the cloud• Starting point is why?

Cloud fulfills a business need or provides a business opportunity – That is the driver and the business case justification

• Edge systems have common requirements, challenges and opportunities– Many of which are dealt with by cloud based solutions– The business case is quickly defined – using speed, capacity, flexibility, availability,

security, functionality and TCO• Typical edge systems use cases include:

– B2B, Portal, Mobility, Silo-as-a-service (lift and shift)• Other low hanging cloud fruit

– Development automation, Back up, Long term archive, Monitoring (real time analytics on log files and operational metrics), BI and Tactical Analytics, Big Data

• An initial investment is required: time, effort, frustration, learning curve– Opportunity to be an early adopter and reap benefits quickly

Blog: http://technology.amis.nlTwitter: lucasjellemaMail: [email protected]

http://technology.amis.nl/

http://technology.amis.nl/