Cloudfoundry architecture


Cloud Foundry Architecture presentation at SpringOne 2012.

Transcript of "Cloudfoundry architecture"

  1. Cloud Foundry Architecture. Ramnivas Laddad, @ramnivas. © 2012 SpringOne 2GX. All rights reserved. Do not distribute without permission.
  2. @ramnivas • Spring framework committer • Cloud Foundry committer • Main interests – Cloud computing – Aspect-oriented programming – Scala and functional programming • Author of books and articles – AspectJ in Action (1st and 2nd edition) • Speaker at many professional conferences – JavaOne, JavaPolis, SpringOne, Software Development, No Fluff Just Stuff, EclipseCon, O’Reilly OSCON etc. • Active involvement in AspectJ, Spring, and Cloud Foundry since their early form
  3. Technologies “Я” Us: Closure Java AMQP HTML5 Akka Mongo Spring Scala Redis JSF Grails Hibernate node.js RabbitMQ JDBC Lift Rails JMS Ruby Hadoop Sinatra Batch Job Django JTA Python MySQL Web Services JPA Caching LDAP Postgres Scripting Testing Security Neo4j REST
  4. Technologies “Я” Us: Closure Java AMQP HTML5 Akka Mongo Spring Scala Redis JSF Grails Hibernate node.js RabbitMQ JDBC Lift Rails JMS Ruby Hadoop Sinatra Batch Job Django JTA Python MySQL Web Services JPA Caching LDAP Postgres Scripting Testing Security Neo4j REST
  5. Technologies “Я” Us: Access logs Network Routing Hardware failures DNS Storage Load balancing Auditing Rolling Updates User management Security DoS Backups DBA OS Monitoring Patches
  6. Technologies “Я” Us: Access logs Network Routing Hardware failures DNS Storage Load balancing Auditing Rolling Updates User management Security DoS Backups DBA OS Monitoring Patches
  7. Facets of complexity: Product • More functionality • Time to market pressure • Complex integration • Higher stake in quality
  8. Facets of complexity: Development • Sound architecture: future proofing without overdoing • Unit and integration tests • Responding to changing business needs • Confusing technology landscape
  9. Facets of complexity: Deployment and operation • Choosing the right hardware, operating system, web server • Monitoring applications • Responding to scalability needs • Dealing with hardware- and system-level failures • Upgrading without substantial down time
  10. Inherent vs. Apparent Complexity (diagram labels: Implementation)
  11. Inherent vs. Apparent Complexity (diagram labels: Implementation; Functional logic)
  12. Inherent vs. Apparent Complexity (diagram labels: Implementation; Functional logic: Inherent complexity)
  13. Inherent vs. Apparent Complexity (diagram labels: Implementation; Functional logic: Inherent complexity; Implementation overhead)
  14. Inherent vs. Apparent Complexity (diagram labels: Implementation; Functional logic: Inherent complexity; Implementation overhead: Apparent complexity)
  15. Inherent vs. Apparent Complexity (diagram labels: Implementation; Functional logic: Inherent complexity; Implementation overhead: Apparent complexity; callout: What can we do about this?)
  16. What can we do? ?
  17. Three layers of Cloud Computing • SaaS: Software as a Service • PaaS: Platform as a Service • IaaS: Infrastructure as a Service
  18. Cloud Foundry open PaaS - Choice of clouds (diagram labels: Data Services, Msg Services, Other Services; Private Clouds, Public Clouds, Micro Clouds)
  19. Cloud Foundry open PaaS - Choice of clouds (diagram labels: Data Services, Msg Services, Other Services; Private Clouds, Public Clouds, Micro Clouds; Apache2 license)
  20. Cloud Foundry open PaaS - Choice of clouds (diagram labels: Data Services, Msg Services, Other Services; Private Clouds, Public Clouds, Micro Clouds; Partners; Apache2 license)
  21. Cloud Foundry Architecture
  22. Architectural Goals • No single point of failure • Distributed state • Self healing • Horizontally scalable
  23. Architectural Principles • Loose coupling • Event-driven • Asynchronous • Non-blocking • Idempotent • Eventually consistent • Language-independent communication
  24. Cloud Foundry Layers (diagram labels: Clients; Inner Shell; Outer Shell; Infrastructure as a Service; Hardware (CPU, Memory, Storage, Network))
  25. Cloud Foundry Core Components: The Inner Shell
  26. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  27. Zooming in… (diagram labels: cloud controller, stager, health manager, App meta data, cc - db, staging jobs, package cache, uaa - db, redis, blobstore, uaa - AuthN, staging logs, dea (×6)) © 2012 VMware, Inc. All rights reserved
  28. Design Principles • Dynamically discoverable components • No inter-component dependencies – Launch in any order – Scale up and down independently • Monitor using HTTP end points
  29. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  30. Cloud Controller • Interface with the clients – VMC – STS – Portal • Provides REST interface to domain objects – Apps – Services – Orgs – Spaces
  31. Cloud Controller REST API: Demo
  32. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  33. Stager • Responsible for morphing user app into executable • Pluggable architecture – Each plugin understands a framework or a runtime • Allow the DEA to view applications uniformly
  34. Stager’s role (diagram labels: Stager; Spring, Play, Rails, …)
  35. From bits to executable app (diagram label: app.war)
  36. From bits to executable app (diagram label: app.war)
  37. From bits to executable app (diagram label: app.war)
  38. From bits to executable app (diagram labels: startup, app.war, stop)
  39. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Services, Messaging)
  40. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  41. From bits to running app (diagram labels: startup, app.war, stop)
  42. From bits to running app (diagram labels: startup, app.war, stop)
  43. From bits to running app (diagram labels: Agent, startup, app.war, stop)
  44. From bits to running app (diagram labels: Agent, startup, app.war, stop)
  45. Droplet Execution Agent (DEA) • Responsible for running all apps • Monitors apps – Memory and disk quota – Stage changes • Uniform view of all apps – Runtime/framework differences sorted by the stager • Ensures app isolation
  46. Application Isolation (diagram labels: DEA, Container API, Host network, Private network, App, Private File System, Warden container)
  47. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  48. Router • Responsible to route requests to – User apps – External-facing components: Cloud Controller, UAA
  49. Application Routing (diagram labels: Messaging)
  50. Application Routing (diagram labels: Router, Messaging)
  51. Application Routing (diagram labels: Router: url → host:port; DEA; Messaging)
  52. Application Routing (diagram labels: HTTP; Router: url → host:port; DEA; Messaging)
  53. Application Routing (diagram labels: HTTP; Nginx (+Lua extension); Locator Services; Router: url → host:port; DEA; Messaging)
  54. Application Routing (diagram labels: HTTP; Nginx (+Lua extension); Locator Services; Router: url → host:port; DEA; Messaging)
  55. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, Execution Agents (DEA) Pool, Services, Messaging)
  56. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  57. Health Manager • Expected state: – Cloud Controller • Current state: – DEAs • Current state ← Expected state
  58. UAA • Centralized Identity Management – Authenticates users from multiple sources – Presents a single standard protocol for consumers • User Account Management • Client Application Registration • OpenID Connect and OAuth2 – delegated authorization – Uses Spring Security
  59. OAuth2 for Cloud Foundry (diagram roles: CF Portal: Client; Cloud controller: Resource server; User: Resource owner; UAA: Identity provider)
  60. OAuth2 for Cloud Foundry (diagram roles: CF Portal: Client; Cloud controller: Resource server; User: Resource owner; UAA: Identity provider) • Callouts: Who is this user; What is he/she requesting; Do I have the necessary authorization • Accesses the portal
  61. OAuth2 for Cloud Foundry (diagram roles: CF Portal: Client; Cloud controller: Resource server; User: Resource owner; UAA: Identity provider) • Callouts: Who is this user; What is he/she requesting; Do I have the necessary authorization • Accesses the portal • Authenticate me • Assert - Portal can only read my apps • Authenticates user • Issues authorization code
  62. OAuth2 for Cloud Foundry (diagram roles: CF Portal: Client; Cloud controller: Resource server; User: Resource owner; UAA: Identity provider) • Callouts: Who is this user; What is he/she requesting; Do I have the necessary authorization • Accesses the portal • Authenticate me • Assert - Portal can only read my apps • Authenticates user • Issues authorization code • Redirect user along with the authcode
  63. OAuth2 for Cloud Foundry (diagram roles: CF Portal: Client; Cloud controller: Resource server; User: Resource owner; UAA: Identity provider) • Callouts: Who is this user; What is he/she requesting; Do I have the necessary authorization • Accesses the portal • Authenticate me • Assert - Portal can only read my apps • Authenticates user • Issues authorization code • Redirect user along with the authcode • Exchange authcode for an access token • Issue access token scoped to cloud_controller.apps.read
  64. OAuth2 for Cloud Foundry (diagram roles: CF Portal: Client; Cloud controller: Resource server; User: Resource owner; UAA: Identity provider) • Callouts: Who is this user; What is he/she requesting; Do I have the necessary authorization • Accesses the portal • Authenticate me • Assert - Portal can only read my apps • Authenticates user • Issues authorization code • Redirect user along with the authcode • Exchange authcode for an access token • Issue access token scoped to cloud_controller.apps.read • Present token containing cloud_controller.apps.read
  65. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Messaging)
  66. Cloud Foundry Inner Shell and Up (diagram labels: Developers, Users, Routers, CloudControllers, Stagers, App, App, HealthManager, Execution Agents (DEA) Pool, Services, Messaging)
  67. Service Provisioning • Service Gateway – Provisions and unprovisions services – Advertise service availability to CloudController • Service Nodes – Runs actual services – Scale independently
  68. Access to services info: VCAP_SERVICES: { "postgresql-9.0": [{ "name": "env-postgresql", "label": "postgresql-9.0", "plan": "free", "credentials": { "name": "de24667f9344b4eeaad6b5a2326d52faa", "host": "172.30.48.122", "port": 5432, "user": "u50ce600bba434bacbc99e034bb415644", "password": "pf4dca5bd449d4732841f0c4ae3f299d0" } }] }
  69. Operating Cloud Foundry: The Outer Shell
  70. Production Grade Cloud Foundry Clusters: cloudfoundry.com • 500 – 5,000 VMs • 40+ unique node types • 75+ unique software packages • 2x/week cf.com updates • 24x7x365 non-stop operation • No-downtime deployments • Reliable, robust, repeatable deployments, updates, capacity adjustments • Small teams manage many production, staging, stress, qa, dev instances
  71. What is BOSH? github.com/cloudfoundry/bosh • Service Evolution Technology for Operating Cloud Foundry in Production Environments • Automated Virtual Infrastructure – At Cloud Scale – Abstracted using a Cloud Provider Interface (CPI) • Software Deployment, Configuration and Updates – Optimized to Minimize Downtime – Support for multiple VM roles • Repeatable Process – Release Management with Versioning • Active Monitoring and Alerting • BOSH has been used to run CloudFoundry.com since launch
  72. Cloud Foundry “BOSH” – Concepts (diagram label: "BOSH")
  73. Cloud Foundry “BOSH” – Concepts • Stemcell – Base OS – “BOSH” Agent
  74. Cloud Foundry “BOSH” – Concepts • Stemcell – Base OS – “BOSH” Agent • Release – Name • Jobs – Software Packages – Configuration Templates – Scripts • Software Packages – Externally developed s/w – Internally developed s/w
  75. Cloud Foundry “BOSH” – Concepts • Deployment Manifest – Release name and version – # VMs, params for each Job – Stemcells to use • Stemcell – Base OS – “BOSH” Agent • Release – Name • Jobs – Software Packages – Configuration Templates – Scripts • Software Packages – Externally developed s/w – Internally developed s/w
  76. Cloud Foundry “BOSH” – Concepts • Deployment Manifest – Release name and version – # VMs, params for each Job – Stemcells to use • Stemcell – Base OS – “BOSH” Agent • Release – Name • Jobs – Software Packages – Configuration Templates – Scripts • Software Packages – Externally developed s/w – Internally developed s/w
  77. Cloud Foundry “BOSH” – Concepts • Deployment Manifest – Release name and version – # VMs, params for each Job – Stemcells to use • Stemcell – Base OS – “BOSH” Agent • Release – Name • Jobs – Software Packages – Configuration Templates – Scripts • Software Packages – Externally developed s/w – Internally developed s/w • Additional diagram labels: Environment Configuration, Software Packages, Stemcell
  78. Rolling Update of a Stateless Component (diagram labels, three stages: Incoming HTTP Requests, Router, Cloud Controller v1 / v2, Create, Message Bus) • Starting with v1 VMs • Deploy a v2 VM (canary) • If it works, add more v2 VMs...
  79. Example: Rolling Update of a Stateless Component (diagram labels: Incoming HTTP Requests, Router / LB, Cloud Controller v1 / v2, Destroy, Create, Message Bus) • … while removing v1 VMs… • … until all VMs are v2 • End Result: We upgraded from v1 to v2 with no downtime by building new VMs and destroying old ones
  80. Deployment • Parallel • Canaries • Eventual consistency
  81. Under the Hood • Components – Director – Agent – CLI • Stemcell
  82. Code Change
  83. VM Update
  84. VM Update
  85. Cloud Provider Interface • Abstracts infrastructure – Stemcells: VM template – VMs – Disks – Networks
  86. IaaS neutral by design; vSphere: battle tested implementation, thousands of deployments; CPI: code complete; vCloud Director: “work in progress”, 2H 2012; functional status: “work in progress”; Cloud Foundry BOSH Cloud Provider Interface (CPI); contribute: github.com/cloudfoundry/bosh
  87. CPI Providers
  88. Learn More. Stay Connected. Twitter • http://twitter.com/cloudfoundry • http://twitter.com/ramnivas; Sign up online at cloudfoundry.com • Website: http://cloudfoundry.org • Blog: http://blog.cloudfoundry.com and http://blog.cloudfoundry.org • GitHub: http://github.com/cloudfoundry • YouTube: http://youtube.com/cloudfoundry
  89. Questions?
  90. Cloud Foundry Architecture. Ramnivas Laddad, @ramnivas. © 2012 SpringOne 2GX. All rights reserved. Do not distribute without permission.
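
The authorization-code exchange built up on slides 59 to 64, as an added example that is not part of the presentation and is not Cloud Foundry or UAA code. It models the three roles (portal as client, UAA as identity provider, Cloud Controller as resource server) and shows the checks that make the scoped token meaningful. Assumptions: an HMAC-signed token stands in for the real token format, and the `/apps` routes, the `cloud_controller.apps.write` scope, the client registration and the user name are constructed for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

# Assumption: one HMAC key shared by issuer and resource server stands in
# for the real token signature scheme, which the slides do not describe.
SIGNING_KEY = secrets.token_bytes(32)
READ = "cloud_controller.apps.read"        # scope named on the slides
WRITE = "cloud_controller.apps.write"      # hypothetical scope, for contrast

def _b64(raw):
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")

def _sign(body):
    return _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())

class UAA:
    """Identity provider: issues authorization codes and scoped tokens."""
    def __init__(self, clients):
        self.clients = clients             # client_id -> registration
        self.codes = {}                    # code -> (user, client_id, scope, expiry)

    def authorize(self, user, client_id, redirect_uri, scope):
        # Called once the user has authenticated and approved the scope.
        reg = self.clients[client_id]
        if redirect_uri != reg["redirect_uri"] or scope not in reg["scopes"]:
            raise PermissionError("redirect_uri or scope not registered")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (user, client_id, scope, time.time() + 60)
        return code

    def token(self, client_id, client_secret, code):
        reg = self.clients.get(client_id)
        if reg is None or not hmac.compare_digest(
                reg["secret"].encode(), client_secret.encode()):
            raise PermissionError("client authentication failed")
        grant = self.codes.pop(code, None)  # single use: a replay finds nothing
        if grant is None or grant[1] != client_id or grant[3] < time.time():
            raise PermissionError("invalid authorization code")
        claims = {"sub": grant[0], "cid": client_id, "scope": [grant[2]],
                  "exp": int(time.time()) + 300}
        body = _b64(json.dumps(claims).encode())
        return body + "." + _sign(body)

class CloudController:
    """Resource server: who is this, what is requested, is it authorized?"""
    REQUIRED = {("GET", "/apps"): READ, ("POST", "/apps"): WRITE}  # hypothetical routes

    def handle(self, method, path, token):
        body, _, sig = token.partition(".")
        if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
            return 401                      # verify the signature before parsing claims
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
        if claims["exp"] < time.time():
            return 401
        required = self.REQUIRED.get((method, path))
        if required is None:
            return 404
        return 200 if required in claims["scope"] else 403

def run_flow():
    cb = "https://portal.example/callback"  # constructed values throughout
    uaa = UAA({"portal": {"secret": "s3cret", "redirect_uri": cb, "scopes": {READ}}})
    cc = CloudController()
    code = uaa.authorize("alice", "portal", cb, READ)
    token = uaa.token("portal", "s3cret", code)
    # Claims rewritten to the write scope, reusing the original signature.
    forged_body = _b64(json.dumps({"sub": "alice", "cid": "portal", "scope": [WRITE],
                                   "exp": int(time.time()) + 300}).encode())
    result = {"read": cc.handle("GET", "/apps", token),
              "write": cc.handle("POST", "/apps", token),
              "forged": cc.handle("POST", "/apps", forged_body + "." + token.split(".")[1])}
    try:
        uaa.token("portal", "s3cret", code)
        result["replay"] = "accepted"
    except PermissionError:
        result["replay"] = "rejected"
    return result

if __name__ == "__main__":
    print(run_flow())
```

The read request succeeds, the write request is refused for lack of scope, the token with rewritten claims fails signature verification, and the second use of the authorization code is rejected.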