More Related Content Similar to Choosing a dev ops paas platform Similar to Choosing a dev ops paas platform (20) More from John Mathon (11) Choosing a dev ops paas platform1. Selecting a DevOps/PaaS Platform
John Mathon
VP, Enterprise Evangelism
Blog: Johnmathon.wordpress.com
Twitter: @john_mathon
Mail: john@wso2.com
(C) WSO2 2014
3. © WSO2 2014
The Broadest Product Set for the Connected Business
Stratos PaaS Foundation App Factory
Carbon Middleware Platform Developer
Studio
Stratos'Controller'
'
'
'
Stratos'Controller'
'
'
'
Iden. ty'
Mgmt''
Service'
Logging'
Service'
Security'
Service'
Registry'
Service'
Data'
Service'
Elas. c''
Load'
Balancer'
Cloud'
Controller/'
Autoscaler'
Artefact''
Distribu. on'
Service'
Deployment'
Synchroniser'
Management'
Console'
File'
Storage'
Service'
Task''
Mgmt'
Service'
Meter'
and'
Billing'
Service'
Load''
Monitor'
PaaS!
Foundation!
App Fact or y !
App Fact or y !
App Fact or y !App Fact or y!
4. © WSO2 2014
What is a PaaS?
• PaaS automates the development and operations of
Application(s) in a self-service way
• Provides incremental costs as you grow the
application(s) and tenants it runs
• Best Practices baked in
• Provides resource sharing to reduce costs
• Generally runs on top of an IaaS infrastructure either
Private or public
6. © WSO2 2014
The process simplified wDevOps:
Before - software development is costly and
risky as well as a slow process
30-50% of project cost and time in dev
Large hardware commitment up front
Operations personnel a big cost
• Do tests on early versions of software to determine loads
from customers
• Plan demand expectation and hardware required
• Acquire hardware and networking equipment for a time
period including additional hardware for failures and
expected peak periods
• Find space for hardware, plan network integration plan, rule
changes in switches, routers, update configuration
management, outages for upgrades and changes
• Test hardware and network with software to insure it works
• Understand failure modes, when to scale, runbooks for
different scenarios, train people in operation and what to do
in different scenarios. Write scripts to detect scenarios and
provide needed information in failures.
• Write or acquire management tools, put in instrumentation in
hardware.
• Plan for upgrade strategies, outages and SLA measurements,
backup policies.
• Beta customers
• Go Live
Now (cost and time nearly
disappears, zero upfront, lower risk)
• Choose IaaS vendor
• Choose PaaS platform
• Write some runbooks for different scenarios,
train people in PaaS operation
• Deploy software
• Beta customers
• Go live
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Time
Cost
Time
Cost
Development
Test/Deployment
Operations
$$$$$$$$$$$$$$$$$$$$$$$ SAVED!
SAVED!
7. Lower Costs, Faster Time to Market
In today’s world this is not optional for many
companies
(C) WSO2 2014
8. © WSO2 2014
PaaS/DevOps Initial Costs
Vendor Selection, Tools
• Select PaaS platform
• Choose one or more IaaS
– Public IaaS
• Select Vendors
• Security research
• Value Added Services
• Compliance issues
– Private IaaS
• OpenStackvsVMWarevs
Eucalyptus vs …
• Select hardware
• Network
management, security
Skill Development, Integration
• Hire/train competency
in DevOps
• Developers training
• DevOps administration
• Design and Test ALM
9. © WSO2 2014
What’s the difference DevOps/PaaS?
Basic DevOps – you write the
automation
• Chef, Puppet
• You write the rules
• You figure out how to deploy
on IaaSinfrastructure(s) or
on-premise
• You figure out and
implement how to scale
usually implemented
manually
• You figure out and deploy
FT/HA strategy
• Tenant management and
other tasks like security may
be very manual still
PaaS – its built in
• PaaS automatically builds
deployment architecture
• PaaS can deploy on hybrid
infrastructure
• PaaS can scale
automatically
• PaaS configures clusters
automatically
• PaaS load balances, assigns
tenants and fires up new
instances as needed and
resources needed for those
instances
10. © WSO2 2014
Different Types of PaaS
• Application PaaS
– Language / IaaS / Application specific PaaS – some good for Java or
Ruby or PHP or only work on AWS or Azure or OpenStack or with
Salesforce or their Application
• Toy PaaS
– Not designed for “enterprise” with multiple tenant teams, multiple dev
environments, more rule oriented, don’t isolate test from
production, not designed for large scale production, limited integration
capabilities
• Generic PaaS
– Support DevOps type functions generically but not lifecycle support
• Ecosystem PaaS
– Support for many isolated tenants for application building, a store for
sharing assets between tenants, a powerful multi-tenant resource
sharing deployment model, governed rules for lifecycle
operations, built-in support for source code, issue tracking, continuous
integration tools
11. © WSO2 2014
Applicability of Types of PaaS
• Application PaaS
– if you don’t need flexibility
• Toy PaaS – avoid
• Generic PaaS
– Good if you are going to do one app or just a few apps
• Ecosystem PaaS
– Good for you to use yourself if you want more
automation, governance and more enterprise features for
many apps
– Good for your Ecosystem to enable partners and customers
(Create your own aPaaS)
12. © WSO2 2014
How do you pick a PaaS?
• Features?
• Type?
• Performance?
• Ease of use for dev, operations?
• Flexibility?
• Open Source?
• Operating Experience?
• Compatability with existing enterprise devops?
• Compatablity with IaaS choice?
13. © WSO2 2014
Covered here
YES
• Generic Private PaaS
• Ecosystem PaaS
NO
• Competitive landscape
• Toy PaaS’s
• Application PaaS’s
14. © WSO2 2014
Generic and Ecosystem PaaS’s
Requirements
Generic
• Private or Public
• IaaS independence
• Hybrid Cloud Capability
• Resource Sharing differences
• Security Concerns
• High Availability
• Polyglot
• Management and Performance
Monitoring
• Automated Resource Allocation
• Scaling Automatically
• Operations Support
• Pluggability
• Multi-tenancy
Ecosystem
• Ecosystem support
• Environment support
• Business Process
Automation
• Lifecycle support
• Social Capabilities
• Store
• Reuse
15. © WSO2 2014
Run yourself or Public
Private / Run yourself
• Gain Experience
yourself before
launching into public
sphere
• you can deploy
anywhere and grow
based on benefits and
even burst into public
on demand
Public
• Start cheap
• Start small
• Build from there and
gain on the job training
• Possibly locked in to a
vendor and its
problems and
limitations on
performance and
scale, compliance, secu
rity …
16. © WSO2 2014
Public IaaS Vendors – large variability
High Risk – not all PaaS’s run on all IaaS
Dell*, Azure**
• Microsoft (Free)
• Dell - On-premise like
Joyent**, SoftLayer*
• High Performance
– Joyent special
virtualization, SmartOS
– Softlayer – bare metal
• MongoDB, Hadoop
Rackspace*, HP*
• MySQL
• OpenStack Pioneer
Google**
• Google Compute Cloud
• Google App Cloud
Amazon AWS**
• Wide variety of choices
• Lots of extra value
services
• Poorest performance
• Highest cost
*OpenStack ** Proprietary
17. © WSO2 2014
Do you need IaaS independence?
Lock into a cloud vendor
• Become dependent on
a cloud vendor size
limitations, growth and
viability, security
policies, pricing. If any
fail to meet future
needs be prepared for
major cost and
difficulty moving
Hybrid
• Change cloud vendors
based on experience
and cost changes as
needed
• May not be able to use
IaaS vendor specific
features
• Flexibility - Have some
on-premise hardware
as well as public cloud
for better cost mixing
18. © WSO2 2014
Private IaaS Choices
VMWare – expensive
Eucalyptus(AWS) – ties you
to Amazon
OpenStack
– Many supporters
Cloudstack
OpenNebula
19. © WSO2 2014
Hybrid Capability Important
• Change cloud vendors based on experience and cost
changes as needed
• Run different tenants, environments or even different
components in different clouds for reasons of
performance, compliance, cost or any reason
• Burst on demand
• Have on-premise hardware as well as public for
better cost mixing
20. © WSO2 2014
Polyglot PaaS Important
Polyglot Development
Support for different
development
technologies like
Java, PHP, JAX-RS, JAX-
WS, …
Polyglot Runtime (Cartridges)
Can the framework support
different runtimes and
cartridges?
Multi-tenant and non-multi-
tenant cartridges?
Can the system generate cloud
artifacts from cartridge
definition automatically
Can the system automatically
allocate resources for
cartridge and tenants
Can the system do resource
sharing for multiple
cartridges in one application?
21. Component Resource Sharing is better
Great Performance
Dedicated Resources but expensive!Multi-tenancy
Allows each instance
To be shared – better
utilization
Break into components
Allows each piece to be utilized
And split to different servers
Giving higher performance
Multiple copies of
Each component
Allows unlimited
scale
Individual components can be scaled independently
Giving maximum utilization and scalability as well as
Fastest response to load changes
Tear down
Instances faster
And easier too
Dedicated instances expensive
But scales
(C) WSO2 2014
22. © WSO2 2014
High Availability / Disaster Recovery
HA
• Is the PaaS itself fault
tolerant?
• Fault tolerant
technologies for all
supplied cartridges?
• Active/Passive and
Active/Active
deployments supported?
• Load Balancing between
fault tolerant
components?
• Single points of failure
anywhere in the system?
DR
• Does the PaaS include
a gReg to replicate
governance data
between regions?
• Does the PaaS support
artifact distribution
automatically to all
regions?
• Does the PaaS support
resource backup?
23. © WSO2 2014
Security built-in?
Authentication
• Federated Identity
support including
OPENID, SAML and dual
factors?
• Support for multiple
LDAPs or at least one
LDAP per tenant?
• Is the IM scalable to
support your needs?
Authorization, Audit
• Does the PaaS support
OAUTH2, XACML and
other authentication
standards?
• Does it scale to your
needs?
• Can you audit the logs
or easily build alerts to
detect potential
breakins or fraud?
24. © WSO2 2014
Auto Scaling?
Detection of Change
• What KPI’s can the system
use to decide if
something is overloaded
or going to be overloaded
or is underutilized?
– Fixed?
• May work in some
instances but will
probably lead to bad
results in many cases
– Real-time information
– Or historical based
– Complex Event detection?
– SLA based?
What is auto vs manual?
• Is the scaling manually initiated?
Does it do automatic up and
down scaling?
• Can you set rules or business
process to scale up or down
• Can you scale by tenant
• Can you scale in different
clouds?
• Can you scale by time of day or
by region depending on the load
in that region?
• Can you scale individual
cartridges or whole applications?
• Can you scale resources as well
as CPU?
25. © WSO2 2014
Open Source or Proprietary?
Support
• Does it have support for
standards?
• Do 3rd parties support
it?
• Is it available as private
or hosted version?
• Are plug points well
defined?
Cost
• Is there a license fee
for enterprise version?
• Is the product open
source? Apache
Licensed?
26. © WSO2 2014
Performance Management?
Management Capabilities
• Does the system come
with monitors, agents and
built-in monitoring for
applications?
• Does it allow 3rd party
monitoring to be added?
• Can you do APM to detect
what inside an application
might be an issue?
• Does the system check
internal and external
performance?
Visualization and Escalations
• Do you have good visualization tools
of the status with KPIs on historical
as well as real time performance?
• Is the monitoring flexible and
designed to make seeing overall
system performance easy to see as
well as individual instance
performance
• Can the system detect anomalous
situations and instantiate a workflow
or escalation notification to the right
people?
• Can the system perform automatic
workarounds to known events or
scenarios?
• Can you plug in 3rd party tools?
27. © WSO2 2014
PaaS Management
• Do all parts of the PaaS have APIs to manage the PaaS
so you can build your own interfaces and inquire on
status?
• Do all parts have CLI interfaces?
• Does the PaaS have consistent operation for all parts?
• Is there a flexible enough billing and accounting
component?
28. © WSO2 2014
Upgrades? Down Times
• What are the components to be upgraded and can
they all be upgraded without any or very little
interruption?
• What modules will require down time or
maintenance?
• Are downtimes required for data backup or other
maintenance?
29. © WSO2 2014
Management Data / BigData
Integrated
• Is bigdata integrated
with the system so
scaling, management, l
oad balancing, SLA
monitoring etc are all
facilitated out of the
box?
• Can you gather KPIs on
usage both real time
and over time
intervals?
Ready
• Are the feeds for
performance, logs, gatew
ays, load balancers, and
all the components
instrumented to provide
big data information
easily to the bigdata
platform?
• Can the system log data
from applications as well
as the PaaS to be used
for analyzing tenant
usage
30. © WSO2 2014
Ecosystem PaaS
• Full Lifecycle support
– including source code repository, agile project
management, automated build, continuous
integration, continuous deployment for each tenant and tenant
application
• At least one Administrative Tenant
– who can establish Governance of Tenants roles and ability to
control the promotion and demotion business process for users
and tenants of artifacts
• Business process definition
– for promotion/demotion include automated steps as well as
human involvement
• A social Store to share entities
– APIs and work products between tenants that is role and
tenant aware
32. © WSO2 2014
What are use cases for Ecosystem PaaS?
1. You want to establish leadership in your ecosystem
and disrupt your competition
2. PaaS add-on for your APIs or SaaS application
I.e. Salesforce
3. Regulatory mandates or security requirements
I.e. Health, finance, government, security
4. You want a collaborative development environment
with reuse and common development
methodologies
5. You build lots of applications and need a better way
to automate the development and management
33. © WSO2 2014
Managing Environments
• Dev
• Test
• Production
• Staging?
• Demo?
• Training?
• UAT?
• LastGood?
• Partner?
• …
• Do you need flexible
gReg support for all
environments?
• Do you need more than
3 environments?
• Do you need automation
to keep this working?
• Do you need automated
testing between
environments?
• Do you need to allocate
different environments
to different clouds or
isolate them from other
environments?
34. © WSO2 2014
Application Lifecycle Management
No Lifecycle support
• The devOps will have more
manual elements more
room for error and less
consistency
• You are using tools that
cannot be integrated into
your DevOps Platform?
• You aren’t requiring
promote standard processes
in development?
• You don’t have requirements
for automated governance
of development products
Lifecycle support
• Controls and Policies
• Standardize on tools
like
Maven, Jenkins, Agile
project
management, Git?
• Do you have both
automated tasks to
perform as part of
promotion and human
involvement and
approval?
35. © WSO2 2014
Tenant Administration?
Creating / Assigning Tenants
• Different tenant tshirt
sizes supported?
• Assign tenants
resources in different
locations / clouds
• Tenant LDAP / security
policies supported?
Administration of tenants
• Tenant size to size
migration?
• Tenant instance migration
• Tenant backup
• Separate tenant versions
• Easy to see tenant SLAs or
other performance
characteristics
• Tenant logs
• Tenant billing
• Tenant support with easy
problem reporting and
documentation
37. © WSO2 2014
Store
• Is there a store for customers to access
applications, APIs, subscribe to assets and be a
tenant or user of an asset?
• Does the store support a community through social
comments or other community features?
39. Enterprise App
Integration
& Common
APIs
New IT:
PaaS
Powered, Democratized,
Mobile Enabled,
Socially Aware
Enterprise IT Store: APIs / Apps / Mobile Apps & More
Data Repository & Analytics Foundation
Cloud
Service
Cloud-to-Cloud&Cloud-to-Enterprise
Integration
Partners &
3rd Party
Ecosystem
Happy Users, Customers, Partners, Developers
StratosLive
AppFactory Ecosystem PaaS
(C) WSO2 2014
40. © WSO2 2014
WSO2 Private PaaS
• Generic PaaS
– Full polyglot, hybrid cloud support and
component resource sharing capability
– All cartridges and components of the PaaS
are multi-tenant, fault tolerant, no-down-
time upgradeable
– Open source shared with Apache
– Integrated Performance Management
– Optional Identity Management, BAM, API
Management and BigData support
41. © WSO2 2014
WSO2 Ecosystem PaaS - AppFactory
• Integrated with
Git, Svn, Maven, Jenkins, Redmine, Puppet, Apache
Stratos and other open source projects
• Full ALM support with business processes for
promotion/demotion including human tasks
• Full governance control of what is available in the
store, what tenants can do, where everything is and
the rules of the PaaS
• A Social Enterprise Store that can share assets and
information between tenants based on role
• Self-service interface for tenants
42. © WSO2 2014
More Information
• John Mathon john@wso2.com
• Twitter Feed: @john_mathon
• Blog: johnmathon.wordpress.com
• Cloud: wso2.com/cloud
• Download: wso2.com
• App Factory Signon: https://cloudpreview.wso2.com/
Editor's Notes DevOps has drastically reduced both time and cost of development and deployment of projects. Security learn what fits your enterprise Learn how to do it efficientlyLower cost for private hardware (if highly utilized)Use Public cloud as burst or for specific environments or tenantsMore flexibility means higher probability of success Instances 2C/hr – 16c/hr or even up to $1/hr for 32GB 8 processorsPerfomance 10 times for compute, db and other services have to be fine tuned and differ widelyCost for data varies widely – most free up to the cloud and charge for down bandwidth (24C/gigabyte dell)AWS – costly, poor performanceAzure – microsoft lock inGoogle – Google dependence good and badJoyent – SmartOS good and bad, lasting powerSoftLayer, Dell, Rackspace, HP – lasting power