Cloudfoundry architecture

Cloud Foundry Architecture presentation at SpringOne 2012.

Transcript

  • 1. Cloud Foundry Architecture. Ramnivas Laddad, @ramnivas. © 2012 SpringOne 2GX. All rights reserved. Do not distribute without permission.
  • 2. @ramnivas
    • Spring framework committer
    • Cloud Foundry committer
    • Main interests
      – Cloud computing
      – Aspect-oriented programming
      – Scala and functional programming
    • Author of books and articles
      – AspectJ in Action (1st and 2nd edition)
    • Speaker at many professional conferences
      – JavaOne, JavaPolis, SpringOne, Software Development, No Fluff Just Stuff, EclipseCon, O’Reilly OSCON etc.
    • Active involvement in AspectJ, Spring, and Cloud Foundry since their early form
  • 3. Technologies “Я” Us Closure Java AMQP HTML5 Akka Mongo Spring Scala Redis JSF Grails Hibernate node.js RabbitMQ JDBC Lift Rails JMS Ruby Hadoop Sinatra Batch Job Django JTA Python MySQL Web Services JPA Caching LDAP Postgres Scripting Testing Security Neo4j REST
  • 5. Technologies “Я” Us Access logs Network Routing Hardware failures DNS Storage Load balancing Auditing Rolling Updates User management Security DoS Backups DBA OS Monitoring Patches
  • 7. Facets of complexity: Product
    • More functionality
    • Time to market pressure
    • Complex integration
    • Higher stake in quality
  • 8. Facets of complexity: Development
    • Sound architecture: future proofing without overdoing
    • Unit and integration tests
    • Responding to changing business needs
    • Confusing technology landscape
  • 9. Facets of complexity: Deployment and operation
    • Choosing the right hardware, operating system, web server
    • Monitoring applications
    • Responding to scalability needs
    • Dealing with hardware- and system-level failures
    • Upgrading without substantial down time
  • 10. Inherent vs. Apparent Complexity Implementation
  • 11. Inherent vs. Apparent Complexity Implementation Functional logic
  • 12. Inherent vs. Apparent Complexity Implementation Functional logic Inherent complexity
  • 13. Inherent vs. Apparent Complexity Implementation overhead Implementation Functional logic Inherent complexity
  • 14. Inherent vs. Apparent Complexity Implementation overhead Apparent Implementation complexity Functional logic Inherent complexity
  • 15. Inherent vs. Apparent Complexity What can we do about this? Implementation overhead Apparent Implementation complexity Functional logic Inherent complexity
  • 16. What can we do? ?
  • 17. Three layers of Cloud Computing
    • SaaS: Software as a Service
    • PaaS: Platform as a Service
    • IaaS: Infrastructure as a Service
  • 18. Cloud Foundry open PaaS - Choice of clouds (diagram: Data Services, Msg Services, Other Services; Private Clouds, Public Clouds, Micro Clouds)
  • 19. Cloud Foundry open PaaS - Choice of clouds (diagram: Data Services, Msg Services, Other Services; Private Clouds, Public Clouds, Micro Clouds; Apache2 license)
  • 20. Cloud Foundry open PaaS - Choice of clouds (diagram: Data Services, Msg Services, Other Services; Private Clouds, Public Clouds, Micro Clouds; Partners; Apache2 license)
  • 21. Cloud Foundry Architecture
  • 22. Architectural Goals
    • No single point of failure
    • Distributed state
    • Self healing
    • Horizontally scalable
  • 23. Architectural Principles
    • Loose coupling
    • Event-driven
    • Asynchronous
    • Non-blocking
    • Idempotent
    • Eventually consistent
    • Language-independent communication
  • 24. Cloud Foundry Layers Clients Inner Shell Outer Shell Infrastructure as a Service Hardware (CPU, Memory, Storage, Network)
  • 25. Cloud Foundry Core Components The Inner Shell
  • 26. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 27. Zooming in… (diagram labels: App meta data, cloud controller, stager, health manager, cc-db, staging jobs, package cache, uaa-db, redis, blobstore, uaa - AuthN, staging logs, several dea nodes) © 2012 VMware, Inc. All rights reserved
  • 28. Design Principles
    • Dynamically discoverable components
    • No inter-component dependencies
      – Launch in any order
      – Scale up and down independently
    • Monitor using HTTP end points
  • 29. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 30. Cloud Controller
    • Interfaces with the clients
      – VMC
      – STS
      – Portal
    • Provides REST interface to domain objects
      – Apps
      – Services
      – Orgs
      – Spaces
  • 31. Cloud Controller REST API Demo
  • 32. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 33. Stager
    • Responsible for morphing user app into executable
    • Pluggable architecture
      – Each plugin understands a framework or a runtime
    • Allows the DEA to view applications uniformly
  • 34. Stager’s role (diagram: Stager; Spring, Play, Rails, …)
  • 35. From bits to executable app app.war
  • 38. From bits to executable app startup app.war stop
  • 39. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Services Messaging
  • 40. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 41. From bits to running app startup app.war stop
  • 43. From bits to running app Agent startup app.war stop
  • 45. Droplet Execution Agent (DEA)
    • Responsible for running all apps
    • Monitors apps
      – Memory and disk quota
      – Stage changes
    • Uniform view of all apps
      – Runtime/framework differences sorted by the stager
    • Ensures app isolation
  • 46. Application Isolation DEA Container API Host network Private network App Private File System Warden container
  • 47. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 48. Router
    • Responsible for routing requests to
      – User apps
      – External-facing components
        • Cloud Controller
        • UAA
  • 49. Application Routing Messaging
  • 50. Application Routing Router Messaging
  • 51. Application Routing Router url → host:port DEA Messaging
  • 52. Application Routing HTTP Router url → host:port DEA Messaging
  • 53. Application Routing HTTP Nginx (+Lua extension) Locator Services Router url → host:port DEA Messaging
  • 55. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App Execution Agents Services (DEA) Pool Messaging
  • 56. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 57. Health Manager
    • Expected state:
      – Cloud Controller
    • Current state:
      – DEAs
    • Current state ← Expected state
  • 58. UAA
    • Centralized Identity Management
      – Authenticates users from multiple sources
      – Presents a single standard protocol for consumers
    • User Account Management
    • Client Application Registration
    • OpenID Connect and OAuth2 – delegated authorization
      – Uses Spring Security
  • 59. OAuth2 for Cloud Foundry
    • Roles: CF Portal (Client), Cloud controller (Resource server), User (Resource owner), UAA (Identity provider)
  • 60. OAuth2 for Cloud Foundry
    • Roles: CF Portal (Client), Cloud controller (Resource server), User (Resource owner), UAA (Identity provider)
    • Labels: Who is this user; What is he/she requesting; Do I have the necessary authorization; Accesses the portal
  • 61. OAuth2 for Cloud Foundry
    • Roles: CF Portal (Client), Cloud controller (Resource server), User (Resource owner), UAA (Identity provider)
    • Labels: Who is this user; What is he/she requesting; Do I have the necessary authorization; Accesses the portal; Authenticate me; Assert - Portal can only read my apps; Authenticates user; Issues authorization code
  • 62. OAuth2 for Cloud Foundry
    • Roles: CF Portal (Client), Cloud controller (Resource server), User (Resource owner), UAA (Identity provider)
    • Labels: Who is this user; What is he/she requesting; Do I have the necessary authorization; Accesses the portal; Authenticate me; Assert - Portal can only read my apps; Authenticates user; Issues authorization code; Redirect user along with the authcode
  • 63. OAuth2 for Cloud Foundry
    • Roles: CF Portal (Client), Cloud controller (Resource server), User (Resource owner), UAA (Identity provider)
    • Labels: Who is this user; What is he/she requesting; Do I have the necessary authorization; Accesses the portal; Authenticate me; Assert - Portal can only read my apps; Authenticates user; Issues authorization code; Redirect user along with the authcode; Exchange authcode for an access token; Issue access token scoped to cloud_controller.apps.read
  • 64. OAuth2 for Cloud Foundry
    • Roles: CF Portal (Client), Cloud controller (Resource server), User (Resource owner), UAA (Identity provider)
    • Labels: Who is this user; What is he/she requesting; Do I have the necessary authorization; Accesses the portal; Authenticate me; Assert - Portal can only read my apps; Authenticates user; Issues authorization code; Redirect user along with the authcode; Exchange authcode for an access token; Issue access token scoped to cloud_controller.apps.read; Present token containing cloud_controller.apps.read
  • 65. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents (DEA) Pool Messaging
  • 66. Cloud Foundry Inner Shell and Up Developers Users Routers CloudControllers Stagers App App HealthManager Execution Agents Services (DEA) Pool Messaging
  • 67. Service Provisioning
    • Service Gateway
      – Provisions and unprovisions services
      – Advertises service availability to CloudController
    • Service Nodes
      – Run actual services
      – Scale independently
  • 68. Access to services info
    VCAP_SERVICES: {
      "postgresql-9.0": [{
        "name": "env-postgresql",
        "label": "postgresql-9.0",
        "plan": "free",
        "credentials": {
          "name": "de24667f9344b4eeaad6b5a2326d52faa",
          "host": "172.30.48.122",
          "port": 5432,
          "user": "u50ce600bba434bacbc99e034bb415644",
          "password": "pf4dca5bd449d4732841f0c4ae3f299d0"
        }
      }]
    }
  • 69. Operating Cloud Foundry The Outer Shell
  • 70. Production Grade Cloud Foundry Clusters: cloudfoundry.com
    • 500 – 5,000 VMs
    • 40+ unique node types
    • 75+ unique software packages
    • 2x/week cf.com updates
    • 24x7x365 non-stop operation
    • No-downtime deployments
    • Reliable, robust, repeatable deployments, updates, capacity adjustments
    • Small teams manage many production, staging, stress, qa, dev instances
  • 71. What is BOSH? github.com/cloudfoundry/bosh
    Service Evolution Technology for Operating Cloud Foundry in Production Environments
    • Automated Virtual Infrastructure
      – At Cloud Scale
      – Abstracted using a Cloud Provider Interface (CPI)
    • Software Deployment, Configuration and Updates
      – Optimized to Minimize Downtime
      – Support for multiple VM roles
    • Repeatable Process
      – Release Management with Versioning
    • Active Monitoring and Alerting
    • BOSH has been used to run CloudFoundry.com since launch
  • 72. Cloud Foundry “BOSH” – Concepts "BOSH"
  • 73. Cloud Foundry “BOSH” – Concepts Stemcell • Base OS • “BOSH” Agent "BOSH"
  • 74. Cloud Foundry “BOSH” – Concepts
    • Stemcell: Base OS; “BOSH” Agent
    • Release: Name
    • Jobs: Software Packages; Configuration Templates; Scripts
    • Software Packages: Externally developed s/w; Internally developed s/w
  • 75. Cloud Foundry “BOSH” – Concepts
    • Deployment Manifest: Release name and version; # VMs, params for each Job; Stemcells to use
    • Stemcell: Base OS; “BOSH” Agent
    • Release: Name
    • Jobs: Software Packages; Configuration Templates; Scripts
    • Software Packages: Externally developed s/w; Internally developed s/w
  • 77. Cloud Foundry “BOSH” – Concepts
    • Deployment Manifest: Release name and version; # VMs, params for each Job; Stemcells to use
    • Stemcell: Base OS; “BOSH” Agent
    • Release: Name
    • Jobs: Software Packages; Configuration Templates; Scripts
    • Software Packages: Externally developed s/w; Internally developed s/w
    • Environment: Configuration; Software Packages; Stemcell
  • 78. Rolling Update of a Stateless Component (three diagram panels, each showing Incoming HTTP Requests, Router, Cloud Controller VMs at v1 or v2, and Message Bus; new VMs are marked Create)
    • Starting with v1 VMs...
    • Deploy a v2 VM (canary)
    • If it works, add more v2 VMs...
  • 79. Example: Rolling Update of a Stateless Component (two diagram panels, each showing Incoming HTTP Requests, Router / LB, Cloud Controller VMs at v1 or v2, and Message Bus; VMs are marked Destroy or Create)
    • … while removing v1 VMs…
    • … until all VMs are v2
    • End Result: We upgraded from v1 to v2 with no downtime by building new VMs and destroying old ones
  • 80. Deployment
    • Parallel
    • Canaries
    • Eventual consistency
  • 81. Under the Hood
    • Components
      – Director
      – Agent
      – CLI
    • Stemcell
  • 82. Code Change
  • 83. VM Update
  • 85. Cloud Provider Interface
    • Abstracts infrastructure
      – Stemcells
        • VM template
      – VMs
      – Disks
      – Networks
  • 86. IaaS neutral by design
    • vSphere: battle tested implementation, thousands of deployments
    • CPI: code complete
    • vCloud Director: “work in progress”, 2H 2012
    • functional status: “work in progress”
    • Cloud Foundry BOSH Cloud Provider Interface (CPI)
    • contribute: github.com/cloudfoundry/bosh
  • 87. CPI Providers
  • 88. Learn More. Stay Connected.
    • Twitter
      – http://twitter.com/cloudfoundry
      – http://twitter.com/ramnivas
    • Sign up online at cloudfoundry.com
      – Website: http://cloudfoundry.org
      – Blog: http://blog.cloudfoundry.com and http://blog.cloudfoundry.org
      – GitHub: http://github.com/cloudfoundry
      – YouTube: http://youtube.com/cloudfoundry
  • 89. Questions?
  • 90. Cloud Foundry Architecture Ramnivas Laddad @ramnivas
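
Slide 68 shows bound-service credentials reaching the app as JSON in the VCAP_SERVICES environment variable. The following is an added example, not from the presentation or the Cloud Foundry code base: it parses that structure, selects exactly one binding by label, and keeps the password out of logs. The class and function names are hypothetical, and the sample mirrors the slide's shape with constructed placeholder values.

```python
import json
import os
from dataclasses import dataclass, field
from urllib.parse import quote

class BindingError(Exception):
    """Raised when VCAP_SERVICES is missing, malformed, or ambiguous."""

@dataclass(frozen=True)
class ServiceCredentials:
    host: str
    port: int
    name: str
    user: str
    password: str = field(repr=False)  # keep the secret out of repr() and logs

    def dsn(self) -> str:
        # Percent-encode each part so odd characters cannot reshape the URL.
        u, p, n = (quote(v, safe="") for v in (self.user, self.password, self.name))
        return f"postgresql://{u}:{p}@{self.host}:{self.port}/{n}"

def load_binding(label_prefix, environ=os.environ):
    """Return credentials for the single bound service whose label starts with label_prefix."""
    raw = environ.get("VCAP_SERVICES")
    if not raw:
        raise BindingError("VCAP_SERVICES is not set")
    try:
        services = json.loads(raw)
    except json.JSONDecodeError:
        # Do not echo the raw value: it contains credentials.
        raise BindingError("VCAP_SERVICES is not valid JSON") from None
    if not isinstance(services, dict):
        raise BindingError("VCAP_SERVICES must be a JSON object")
    matches = [b for label, bindings in services.items()
               if label.startswith(label_prefix) and isinstance(bindings, list)
               for b in bindings if isinstance(b, dict)]
    if len(matches) != 1:  # fail closed rather than guess which service to use
        raise BindingError(f"expected 1 {label_prefix!r} binding, found {len(matches)}")
    c = matches[0].get("credentials")
    try:
        return ServiceCredentials(str(c["host"]), int(c["port"]), str(c["name"]),
                                  str(c["user"]), str(c["password"]))
    except (KeyError, TypeError, ValueError):
        raise BindingError("binding lacks required credential fields") from None

# Constructed sample with the same shape as slide 68; all values are placeholders.
SAMPLE_ENV = {"VCAP_SERVICES": json.dumps({"postgresql-9.0": [{
    "name": "env-postgresql", "label": "postgresql-9.0", "plan": "free",
    "credentials": {"name": "db_example", "host": "192.0.2.10", "port": 5432,
                    "user": "u_example", "password": "p@ss/example"}}]})}
```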