
How dorma+kaba leverages and deploys on CloudFoundry - CloudFoundry Summit Europe 2016


DORMA Group and Kaba Group merged to form dorma+kaba in September 2015. The merger has created one of the top three companies in the global market for security and access solutions, with pro forma sales of more than CHF 2 billion and around 16,000 employees. dorma+kaba is active in over 50 countries and has a presence, through both production sites and distribution and service offices, in all relevant markets. In this presentation, you will follow the journey of how dorma+kaba is leveraging Cloud Foundry for their access control as a service "exivo" and how they deploy on it.

Cloud Foundry makes it exceptionally simple to deploy and manage applications with simple commands like 'cf push'. However, as your application grows in complexity and the number of deployed components explodes, it becomes difficult to keep an overview of the required services and bindings. Many organisations, like dorma+kaba, face these challenges sooner or later, especially with a microservices architecture. The talk starts from the naive idea of automating deployments using shell scripts wrapping the Cloud Foundry CLI, covers the pitfalls encountered with this approach, and follows the evolution towards sophisticated and reliable tooling. Finally, dorma+kaba built their open framework to deploy 80+ applications through multiple deployment stages, including production, and open sourced it during the CF Summit.

Published in: Technology

  1. 1. How dorma+kaba Leverages and Deploys on Cloud Foundry
  2. 2. Hello! My name is: Adriano (@adrirai, adrai). Lead Software/System architect at dorma+kaba. Author and maintainer in multiple open source projects such as a CQRS framework for node.js (cqrs.js.org), push2.cloud and i18next.com with its "as a service" offering locize.com. Father of 2 children. Always in search of innovative and disruptive stuff. Hello! My name is: Michael (@themerne, michaelerne). CEO and System Engineer at wölkli gmbh. Supports the dorma+kaba group in their journey with Cloud Foundry. One of the maintainers of the open source deployment framework push2.cloud. Owner of 2 cats.
  3. 3. Who is dorma+kaba
  4. 4. 154 + 108 years of experience
  5. 5. Top three position Over 2 billion Swiss francs 16,000 employees Subsidiaries +50 countries products, solutions, services for secure physical access partners in 130 countries
  6. 6. Urbanization Increasing prosperity in emerging markets Demographic change Increasing need for security Technology Growth drivers shaping our industry
  7. 7. Our goal: innovation leadership dorma+kaba is striving for innovation leadership in its industry.
  8. 8. What is exivo?
  9. 9. Our frontend apps are on For customers, partners, market organisations, administrators, factories, support, etc...
  10. 10. Our backend services are on Business Domains, Identity Management, Web servers, API servers, etc...
  11. 11. Our IoT stack is on Communication, messaging, signing service, authentication, firmware update, virtual device representation, management apis, diagnostics, etc...
  12. 12. Our Business Model is on From acquisition to life cycle management...
  13. 13. Everything is on ⇒ But Why?
  14. 14. Platform Know-How Application Know-How Infrastructure Know-How SysOps DevOps
  15. 15. How many apps do you deploy (in parallel)?
  16. 16. 50 Applications 48 Services 150 Instances Frontend Applications Customer, Partner, RMO, Admin, Support, etc... Business Domain 30 Applications 18 Services 90 Instances Backend connection to periphery Wired Doors, Wireless Doors IoT stack
  17. 17. CQRS (D)DDD Event Sourcing flexible loosely-coupled scalable tolerant of failure highly responsive secure no vendor lock-in 12-factor app methodology share nothing
  18. 18. public virtual private deploy
  19. 19. Our deployment journey
  20. 20. Start the classic way

          ---
          applications:
          - name: taibika-app-customer-host
            buildpack: https://github.com/KABA-CCEAC/nodejs-buildpack.git
            # buildpack: https://github.com/cloudfoundry/nodejs-buildpack.git
            memory: 256M
            instances: 1
            path: .
            command: node server.js
            env:
              DEPLOY_TYPE: cf
              RABBITMQ_MODE: compatibility

          ➜ ~ cf push
          ➜ ~ cf set-env my-app myvar myval
          ➜ ~ cf create-service mongodb default my-db
          ➜ ~ cf bind-service my-app my-db
          ➜ ~ cf restart my-app
  21. 21. Script of scripts (shell script, serial push)

          #!/bin/bash
          SCRIPTDIR=$(dirname $(readlink -f $0))
          PROJECTROOT=$(readlink -f "${SCRIPTDIR}/../../..")
          cd ${SCRIPTDIR}

          # CF_USER injected from username and password binding
          CF_USER_USERNAME=`echo $CF_USER | cut -f1 -d:`
          CF_USER_PASSWORD=`echo $CF_USER | cut -f2 -d:`

          org=kaba ; space=dev
          api=http://api.appcloud.swisscom.com

          # login
          cf api ${api}
          cf auth ${CF_USER_USERNAME} ${CF_USER_PASSWORD}
          cf target -o ${org} -s ${space}

          # deploy auth
          (cd ${PROJECTROOT}/auth && npm install && ./deploy.sh ${org} ${space})

          # deploy domain
          (cd ${PROJECTROOT}/domain/server && npm install && ./deploy.sh ${org} ${space})

          # deploy app-customer-host
          (cd ${PROJECTROOT}/app_customer/host && npm install && ./deploy.sh ${org} ${space})
          ...

          #!/bin/bash
          org="$1"
          space="$2"
          appname=taibika-app-customer
          hostname=${appname}-${org}-${space}

          echo "create services"
          cf cs redis default taibika-app-customer-sessions

          echo "pushing app but do not start it..."
          cf push -n ${hostname} --no-start

          echo "set env var AUTH_HOST"
          cf set-env ${appname} AUTH_HOST https://taibika-auth.scapp.io

          echo "set env var MY_HOST"
          cf set-env ${appname} MY_HOST https://${hostname}.beta.scapp.io

          echo "set env var DAAL_HOST"
          cf set-env ${appname} DAAL_HOST https://cust.scapp.io

          echo "set env var DAAL_USERNAME"
          cf set-env ${appname} DAAL_USERNAME user

          echo "set env var DAAL_PASSWORD"
          cf set-env ${appname} DAAL_PASSWORD password

          echo "restage/restart app"
          cf push

          echo "OK"
  22. 22. in parallel (shell script, parallel push)

          #!/bin/bash
          SCRIPTDIR=$(dirname $(readlink -f $0))
          PROJECTROOT=$(readlink -f "${SCRIPTDIR}/../../..")
          cd ${SCRIPTDIR}

          # CF_USER injected from username and password binding
          CF_USER_USERNAME=`echo $CF_USER | cut -f1 -d:`
          CF_USER_PASSWORD=`echo $CF_USER | cut -f2 -d:`

          org=kaba
          space=dev
          api=http://api.appcloud-beta.swisscom.com

          # login
          cf api ${api}
          cf auth ${CF_USER_USERNAME} ${CF_USER_PASSWORD}
          cf target -o ${org} -s ${space}

          # deploy auth
          (cd ${PROJECTROOT}/auth && npm install && ./deploy.sh ${org} ${space} &)

          # deploy domain
          (cd ${PROJECTROOT}/domain/server && npm install && ./deploy.sh ${org} ${space} &)

          # deploy app-customer-host
          (cd ${PROJECTROOT}/app_customer/host && npm install && ./deploy.sh ${org} ${space} &)
          ...
  23. 23. Wrap the cli

          require('shelljs/global');
          //...
          if (!which('cf')) {
            echo('sorry, this script requires cf (cloudfoundry-cli)');
            exit(1);
          }
          if (!which('git')) {
            echo('sorry, this script requires git');
            exit(1);
          }
          //...
          var branch = env['BRANCH'] || env['GIT_BRANCH'] || currentBranch() || 'develop';
          var org = env['ORG'] || currentOrg() || 'kaba';
          var space = env['SPACE'] || currentSpace() || branch;
          var deployType = env['DEPLOY_TYPE'] || branch || space;
          var api = env['API'] || currentApi() || 'https://api.appcloud-nova.swisscom.com';
          execCmd('cf api ' + api);
          execCmd('cf target -o ' + org + ' -s ' + space);
          //...

          echo('deploy ' + appsToDeploy.length + ' apps');
          echo(JSON.stringify(appsToDeploy, null, 2));
          echo('with ' + servicesToDeploy.length + ' services');
          echo(JSON.stringify(servicesToDeploy, null, 2));
          echo('starting to deploy...');
          async.series([
            function (callback) {
              utils.prepushApps(appsToDeploy, callback);
            },
            function (callback) {
              utils.createServices(servicesToDeploy, callback);
            },
            function (callback) {
              utils.deployAppsStep1(appsToDeploy, function (err, deployedApps) {
                alreadyDeployedApps = deployedApps;
                callback(err);
              });
            },
            function (callback) {
              utils.bindServices(appsToDeploy, callback);
            },
            function (callback) {
              utils.deployAppsStep2(appsToDeploy, alreadyDeployedApps, callback);
            }
          ], function (err) {
            if (err) return exit(err);
            echo('!!!! finished :-) !!!');
          });
  24. 24. we need sophisticated, reliable and flexible tooling required for application management
  25. 25. ? ? ? ? ? ?
  26. 26. State definition Workflows Apps EnvVars Services Routes Actual State Desired State App Connections Secret Stores
  27. 27. App A EnvVars Services Routes App B
  28. 28. App A EnvVars Services Routes App B B_HOST = "https://..." B_USERNAME = "deadbeef" B_PASSWORD = "..."
  29. 29. App A App B App C App D Release 1.0.0 1.0.1 1.5.0 1.2.1
  30. 30. Release Application Defaults Service Mappings Secret Stores Deployment Target
  31. 31. Release Deployment App A App B App C Compiler Deployment Configuration
  32. 32. Actual State Desired State
  33. 33. Actual State Desired State Deployment Configuration
  34. 34. Actual State Desired State Deployment Configuration
  35. 35. Actual State Desired State Deployment Configuration Workflows
  36. 36. Actual State Desired State

          const blueGreen = (deploymentConfig, api, log) =>
            waterfall(
              [ init(deploymentConfig, api, log)
              , map(api.packageApp, missing.apps)
              , mapSeries(api.createServiceInstance, missing.services)
              , map(api.createRoute, missing.routes)
              , mapLimit(api.pushApp, missing.apps)
              , map(api.setEnv, missing.envVars)
              , map(api.stageApp, missing.apps)
              , map(api.waitForServiceInstance, missing.services)
              , map(api.bindService, missing.serviceBindings)
              , map(api.startAppAndWaitForInstances, missing.apps)
              , map(api.associateRoute, missing.unAssociatedRoutes)
              , map(api.switchRoutes, old.routes)
              , map(api.stopApp, old.apps)
              , map(api.unbindService, old.serviceBindings)
              , map(api.deleteApp, old.apps)
              ]
            );
  37. 37. Sophisticated application configuration Release- & Deployment management Target platform agnostic Flexible, customizable workflow framework Extensible Open Source
  38. 38. ☑ Docker Support ☑ Custom Retry Handling ☑ Retry/Error statistics ☑ Release Manifest by filesystem What’s new? ☑ TCP Routing
  39. 39. Backed by ... ZHAW InIT Cloud Computing Lab (ICCLab) Research Lab at School of Engineering at Zurich University of Applied Sciences (ZHAW) Working on the forefront of cloud technologies dorma+kaba One of the top three companies in the global market for physical security and access solutions with pro forma sales of more than CHF 2 billion (USD 2.1 billion) and around 16'000 employees in more than 50 countries. Swisscom Switzerland's leading telecom provider and one of its leading IT companies. Cloud Foundry certified provider. blog.zhaw.ch/icclab www.dormakaba.com developer.swisscom.com
  40. 40. THANKS! Any questions? You can find push2cloud at: www.push2.cloud github.com/push2cloud @Push2_cloud
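
Slides 32 to 36 compare an actual state with a desired state and hand the `blueGreen` workflow its `missing.*` and `old.*` collections. The following is an added example of such a comparison, not taken from the slides and not push2cloud's own code, with a log-safe summary that withholds env var values such as the `B_PASSWORD` shown on slide 28. The state shape, `diffState`, `summarize` and the sample data are assumptions constructed for illustration.

```javascript
// Added illustration, not push2cloud code. The state shape below is an assumption.
// How each kind of object is identified when the two states are compared.
const KEYS = {
  apps: (a) => `${a.name}@${a.version}`,
  services: (s) => s.name,
  routes: (r) => `${r.app}|${r.hostname}`,
  envVars: (e) => `${e.app}|${e.key}|${e.value}`, // a changed value counts as missing
  serviceBindings: (b) => `${b.app}|${b.service}`,
};

// Returns what must be created (missing) and what must be torn down (old).
function diffState(desired, actual) {
  const missing = {}, old = {};
  for (const [kind, keyOf] of Object.entries(KEYS)) {
    const want = new Map((desired[kind] || []).map((x) => [keyOf(x), x]));
    const have = new Map((actual[kind] || []).map((x) => [keyOf(x), x]));
    missing[kind] = [...want].filter(([k]) => !have.has(k)).map(([, x]) => x);
    old[kind] = [...have].filter(([k]) => !want.has(k)).map(([, x]) => x);
  }
  return { missing, old };
}

// Log-safe plan: env var values may be secrets, so they are never printed.
function summarize(diff) {
  const out = [];
  for (const side of ['missing', 'old']) {
    for (const kind of Object.keys(KEYS)) {
      diff[side][kind].forEach((x) => out.push(`${side} ${kind}: ` +
        (kind === 'envVars' ? `${x.app} ${x.key}=<redacted>` : KEYS[kind](x))));
    }
  }
  return out;
}

// Constructed sample: app-a moves from 1.0.0 to 1.0.1 and gains a "db" service.
const actual = {
  apps: [{ name: 'app-a', version: '1.0.0' }, { name: 'app-b', version: '1.5.0' }],
  services: [{ name: 'sessions' }],
  envVars: [{ app: 'app-a@1.0.0', key: 'B_PASSWORD', value: 'constructed-old' }],
  serviceBindings: [{ app: 'app-a@1.0.0', service: 'sessions' }],
};
const desired = {
  apps: [{ name: 'app-a', version: '1.0.1' }, { name: 'app-b', version: '1.5.0' }],
  services: [{ name: 'sessions' }, { name: 'db' }],
  envVars: [{ app: 'app-a@1.0.1', key: 'B_PASSWORD', value: 'constructed-new' }],
  serviceBindings: ['sessions', 'db'].map((service) => ({ app: 'app-a@1.0.1', service })),
};
console.log(summarize(diffState(desired, actual)).join('\n'));
```

The unchanged app-b and the existing "sessions" service appear in neither set, so a workflow driven by this diff leaves them untouched.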
