OpenNebulaConf2017EU: IPP Cloud by Jimmy Goffaux, IPPON - OpenNebula Project
This document summarizes a demo of using Terraform to provision resources on an OpenNebula infrastructure. It describes the OpenNebula architecture which includes 400 VM instances across 7 nodes with 3TB of RAM, 250 cores, and a CephFS datastore. It also provides links to two Git repositories - one for an OpenNebula API and one for a Terraform provider that uses the API - that can be used to try provisioning VMs, templates, networks and more via Terraform.
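The Terraform provider in the demo ultimately talks to OpenNebula's XML-RPC API. As a minimal sketch of what such provisioning looks like underneath, the snippet below builds an OpenNebula VM template string and shows how it could be submitted via `one.vm.allocate`; the endpoint, credentials, and VM parameters here are illustrative assumptions, not values from the demo.

```python
import xmlrpc.client

def vm_template(name, cpu, memory_mb, network):
    """Render an OpenNebula VM template string (the format one.vm.allocate accepts)."""
    return (
        f'NAME = "{name}"\n'
        f'CPU = {cpu}\n'
        f'MEMORY = {memory_mb}\n'
        f'NIC = [ NETWORK = "{network}" ]\n'
    )

def provision(endpoint, session, template):
    # Sketch only: submits the template to the OpenNebula XML-RPC endpoint.
    # "endpoint" and "session" (user:password) are hypothetical here.
    server = xmlrpc.client.ServerProxy(endpoint)
    return server.one.vm.allocate(session, template, False)

# Build a template locally (no server is contacted here):
tpl = vm_template("demo-vm", cpu=1, memory_mb=1024, network="private")
```

A Terraform provider wraps exactly this kind of call behind declarative resource blocks, so `terraform apply` can create, update, and destroy VMs idempotently.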
CoreOS Fest 2016 Summary - DevOps BP 2016 June - Zsolt Molnar
CoreOS Fest 2016 provided updates on CoreOS projects including etcd v3, Kubernetes security tools DEX and DTC, and Prometheus. Key announcements included etcd improving performance and storage, DEX enabling external authentication for Kubernetes, and Prometheus becoming a CNCF project. Keynotes covered security in systemd, the Linux kernel status, and distributed system design tool Runway. CoreOS also announced a $28M funding round and partnerships with Calico and Intel.
This document summarizes a presentation given by Alessandro Poli on Teamsystem's migration of its Lynfa product to AWS. Some key points:
- Teamsystem is an Italian software company with over 250,000 customers, 800 partners, and 500 employees dedicated to R&D.
- Its Lynfa product is a SaaS solution that was migrated from on-premise to AWS using services like EC2, ECS, ECR, S3, RDS, and Route53.
- The migration provided benefits like cost savings, standardized solutions, high security, isolation of user data, and ability to share resources. DevOps practices like continuous delivery of container images were also implemented.
Flink Forward Berlin 2017: Ruben Casado Tejedor - Flink-Kudu connector: an op... - Flink Forward
Kappa Architecture is a software architecture pattern built around an immutable, append-only log. All event processing is performed on the input streams and persisted as real-time views. Apache Flink is well suited as the processing engine because it provides event-time semantics and stateful exactly-once processing while achieving high throughput and low latency at the same time. Apache Kudu is a storage system good at both ingesting streaming data and analyzing it using ad-hoc queries (e.g. interactive SQL) and full-scan processes (e.g. Spark/Flink), so Kudu is a good fit to store the real-time views in a Kappa Architecture. We have developed and open-sourced a connector to integrate Apache Kudu and Apache Flink. It allows reading/writing data from/to Kudu using Flink's DataSet and DataStream APIs. The connector has been submitted to the Apache Bahir project and is already available from the Maven Central repository.
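The core Kappa idea described above can be sketched in a few lines: events are only ever appended to the log, and the "real-time view" is a fold over that log that can always be recomputed by replay. This is a toy illustration, not the Flink-Kudu connector itself.

```python
# The log is immutable and append-only; processing never mutates past events.
log = []

def append(event):
    log.append(event)  # append-only: events are never updated in place

def materialize_view(events):
    """Replay the log into a real-time view (here: a running sum per key)."""
    view = {}
    for e in events:
        view[e["key"]] = view.get(e["key"], 0) + e["value"]
    return view

append({"key": "clicks", "value": 1})
append({"key": "clicks", "value": 2})
view = materialize_view(log)  # the view can be rebuilt from scratch at any time
```

In the talk's setup, Flink plays the role of `materialize_view` at scale, and Kudu stores the resulting views for ad-hoc queries.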
How Docker Accelerates Continuous Development at ironSource: Containers #101 ... - Brittany Ingram
Containers 101 meetup talk recording posted here: https://codefresh.io/blog/containers-101-meetup-docker-accelerates-continuous-development/
Shimon Tolts, General Manager/CTO of Data Solutions at ironSource, joined us to talk about how they leverage Docker to simplify their workflow and deliver Big Data solutions to their customers faster. He shared their experience running Docker containers in production and how they took one of their base systems, considered "the backbone of the company," and transformed it using containers.
OpenNebulaConf2017EU: Transforming an Old Supercomputer into a Cloud Platform... - OpenNebula Project
Currently, typical supercomputers have an expected useful life of 3 or 4 years. One way or another, after this time period, infrastructure is typically replaced or upgraded to face the increasing resource demand from users and companies. This always gives rise to the same question: what should be done with the old hardware once it has been replaced? Possible solutions include decommissioning it, splitting it up for spare parts, or donating it, but in several cases the hardware can still provide value when used for different tasks. In this talk we will describe how we have converted the old Tier1 Flemish supercomputer https://www.ugent.be/hpc/en/infrastructure/tier1 into a cloud platform using OpenNebula. During this conversion process, we faced several technical challenges. The first and foremost of these was how to recycle hardware that was designed for a classical HPC environment for use in a private cloud. We will describe the steps taken to isolate VM traffic over the existing InfiniBand interconnect using the VXLAN network technology. We will also address how we mapped our internal (university) and external (industry) users using the OpenNebula "remote" authentication plugin. Finally, we will discuss how we used the InfiniBand interconnect to share the Ceph storage backend and VM traffic in a secure manner. After a testbed phase, in which only pilot users are given access and provide feedback, the new UGent HPC Cloud platform called "Grimer" will be available in production.
YouTube: https://youtu.be/jHchktxIZnM
The document discusses the Kubernetes Secrets Store CSI driver, which allows storing and retrieving secrets from an external secrets store and mounting them as volumes in pods. It provides an overview of the driver's architecture and capabilities, including supporting different secrets store providers like Azure Key Vault and HashiCorp Vault. It also covers using the driver with pod identity for access control and restricting which pods can access secrets in the store. Future plans are mentioned like adding more providers and syncing secrets to Kubernetes.
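From the pod's point of view, the Secrets Store CSI driver simply materializes each secret as a file under the mounted volume path. The sketch below shows the application side of that contract, simulating the mount with a temporary directory; the mount path and secret name are illustrative assumptions.

```python
import pathlib
import tempfile

def load_secrets(mount_path):
    """Read every file under the CSI secrets mount into a dict, as a pod would."""
    return {
        p.name: p.read_text()
        for p in pathlib.Path(mount_path).iterdir()
        if p.is_file()
    }

# Simulate the mounted volume; in a real pod this would be a path such as
# /mnt/secrets-store, populated by the driver from e.g. Vault or Key Vault.
mount = tempfile.mkdtemp()
pathlib.Path(mount, "db-password").write_text("s3cr3t")
secrets = load_secrets(mount)
```

Because the secrets arrive as ordinary files, the application needs no provider-specific SDK; swapping Azure Key Vault for HashiCorp Vault is purely a driver configuration change.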
Leveraging Amazon EC2 Container Services for Container Orchestration - Neeraj Shah
These are the slides for a talk I gave on AWS EC2 Container Services at the AWS + Docker Meetup held @ LinkedIn Bangalore. The video of my presentation can be found at https://youtu.be/GbMGJbDTj-A
OpenNebulaConf2017EU: OpenNebula 5.4 and Beyond by Tino Vázquez and Ruben S. ... - OpenNebula Project
In this talk, Rubén and Tino will lay out the novelties (not all of them, there are many!) present in 5.4, ranging from new core functionality to the big changes in vCenter. The roadmap for 5.6 and future versions will also be laid out, as far as it is consolidated (it won't be closed yet, but nearly so).
It would also be the perfect session for feature requests, so don't miss it!
YouTube: https://youtu.be/Czzm2EimayY
OpenStack Platform - Red Hat Pizza and Technology Event, Israel - Arthur Berezin
The document discusses OpenStack, an open source cloud computing platform. It describes OpenStack's modular architecture and core services like Nova for compute, Glance for images, Neutron for networking, Cinder for block storage, and Keystone for identity. It also discusses how Red Hat provides lifecycle support for OpenStack through its RHEL OpenStack Platform, integrating and optimizing OpenStack on Red Hat Enterprise Linux.
OpenNebulaConf2017EU: Enabling Dev and Infra teams by Lodewijk De Schuyter, De... - OpenNebula Project
The document discusses enabling development and infrastructure teams at the Flemish government's Department of Environment and Spatial Planning with an OpenNebula hosting platform. It describes challenges with the previous VMware-based hosting platform, including manual server provisioning and network complexity. The new OpenNebula platform aims to provide self-service for dev teams through automation and metadata templates that declaratively define machine configurations. Over 1,100 virtual machines have been migrated to OpenNebula so far, improving agility, transparency and scale. Future plans include datacenter migration and improved support for IO-intensive applications.
Building a pipeline to Destroy Los Angeles in 2012 - Siggraph Asia 2009 - hpduiker
A presentation on Bento, the central pipeline component developed at Digital Domain to enable the creation of the LA destruction sequence of 2012.
CEPH DAY BERLIN - DEPLOYING CEPH IN KUBERNETES WITH ROOK - Ceph Community
Rook is a cloud native orchestrator for deploying storage systems within Kubernetes. This presentation highlights the benefits and goes into the details of using Rook to set up a Ceph cluster. In addition, I will also show how to set up Prometheus and Grafana to monitor Ceph in this environment.
Airship is an open source project that provides tools for declaratively automating cloud provisioning. It includes components for orchestration, deployment, upgrades, and resiliency. Airship uses YAML documents to provision bare metal infrastructure and deploy Kubernetes clusters and application workloads. Developers are encouraged to get involved by joining mailing lists, IRC meetings, and contributing code.
This document discusses using InfluxDB and Kubernetes for monitoring. It provides an overview of deploying InfluxDB and Chronograf using Helm charts. It also describes monitoring Kubernetes infrastructure by deploying Telegraf as a DaemonSet to collect metrics from nodes. Additionally, it covers monitoring applications by deploying Telegraf as a single pod to scrape metrics or as a sidecar. Lastly, it discusses future plans for an InfluxData operator and running InfluxEnterprise outside Kubernetes clusters.
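Whether Telegraf runs as a DaemonSet or a sidecar, what it ultimately ships to InfluxDB is line protocol: `measurement,tags fields timestamp`. As a sketch of that wire format, the helper below builds one line; the measurement, tag, and field names are illustrative assumptions.

```python
def line_protocol(measurement, tags, fields, ts_ns):
    """Build one InfluxDB line-protocol point (float fields, nanosecond timestamp)."""
    tag_str = ",".join(f"{k}={v}" for k, v in sorted(tags.items()))
    field_str = ",".join(f"{k}={v}" for k, v in sorted(fields.items()))
    return f"{measurement},{tag_str} {field_str} {ts_ns}"

# A node-level CPU metric, as a DaemonSet Telegraf might report it:
line = line_protocol(
    "cpu",
    tags={"host": "node-1"},
    fields={"usage_idle": 92.5},
    ts_ns=1500000000000000000,
)
```

Keeping the node name as a tag (rather than a field) is what lets Chronograf group and filter per-node series cheaply, since tags are indexed.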
This document discusses containerization and the Docker ecosystem. It begins by describing the challenges of managing different software stacks across multiple environments. It then introduces Docker as a solution that packages applications into standardized units called containers that are portable and can run anywhere. The rest of the document covers key aspects of the Docker ecosystem like orchestration tools like Kubernetes and Docker Swarm, networking solutions like Flannel and Weave, storage solutions, and security considerations. It aims to provide an overview of the container landscape and components.
Kafka Summit SF 2017 - MultiCluster, MultiTenant and Hierarchical Kafka Messa... - confluent
This document discusses scaling challenges with large Kafka clusters and proposes a solution of using multiple, smaller Kafka clusters organized hierarchically. The key points are: 1) Large monolithic Kafka clusters have issues like slow operations and increased latency; 2) The solution is to create many smaller "immutable" Kafka clusters and connect them with a routing service; 3) This allows scaling producers and consumers across clusters rather than just brokers.
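The routing service in point 2 can be pictured as a small lookup in front of many immutable clusters: existing topics resolve to their owning cluster, new topics are spread deterministically. This is a toy sketch of the idea, with hypothetical cluster and topic names.

```python
import zlib

# Hypothetical small, immutable clusters and the topics pinned to each.
CLUSTERS = {
    "kfk-a": {"orders"},
    "kfk-b": {"clicks"},
}

def route(topic, clusters=CLUSTERS):
    """Return the cluster that owns a topic; spread unknown topics by hash."""
    for cluster, topics in clusters.items():
        if topic in topics:
            return cluster
    names = sorted(clusters)  # stable order so the hash choice is deterministic
    return names[zlib.crc32(topic.encode()) % len(names)]
```

Producers and consumers only ever talk to the cluster the router names, so capacity is added by creating another small cluster and updating the routing table, not by growing one monolithic broker set.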
Kubernetes – An open platform for container orchestration - inovex GmbH
Date: 30.08.2017
Event: GridKA School 2017
Speaker: Johannes M. Scheuermann
More tech talks: https://www.inovex.de/de/content-pool/vortraege/
More tech articles: https://www.inovex.de/blog/
An introduction to creating a multi-tenant SaaS application with a database-per-tenant architecture, including a case study, an example, and general pointers.
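The essence of database-per-tenant is that the tenant identifier selects a whole database, not a `WHERE tenant_id = ...` filter inside a shared one. A minimal sketch using SQLite in-memory databases (in production each tenant would get its own database file or server; the table and tenant names here are hypothetical):

```python
import sqlite3

_pool = {}

def tenant_db(tenant_id):
    """Return the isolated database for one tenant, creating it on first use."""
    if tenant_id not in _pool:
        db = sqlite3.connect(":memory:")
        db.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY, total REAL)")
        _pool[tenant_id] = db
    return _pool[tenant_id]

# Data written for one tenant is invisible to every other tenant by construction.
tenant_db("acme").execute("INSERT INTO invoices (total) VALUES (100.0)")
rows_acme = tenant_db("acme").execute("SELECT COUNT(*) FROM invoices").fetchone()[0]
rows_other = tenant_db("globex").execute("SELECT COUNT(*) FROM invoices").fetchone()[0]
```

The design trade-off: isolation and per-tenant backup/restore come for free, at the cost of running schema migrations across every tenant database.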
Virtual Flink Forward 2020: Build your next-generation stream platform based ... - Flink Forward
As organizations get better at capturing streaming data, and data velocity and volume are ever-increasing, traditional messaging queues and log storage systems suffer from scalability, operational, and maintenance problems. Apache Pulsar is a multi-tenant, high-performance distributed pub-sub messaging system. Pulsar includes multiple features, such as native support for multiple clusters in a Pulsar instance, seamless geo-replication of messages across clusters, very low publishing and end-to-end latency, seamless scalability to over a million topics, and guaranteed message delivery with persistent message storage provided by Apache BookKeeper. In this talk, I will use one of the most popular stream processing engines, Apache Flink, as an example, to share our experience in building a stream processing and storage stack. Some of the traits are:
- How to ensure end-to-end exactly-once semantics based on Pulsar's durable and replayable storage as well as Pulsar transactions.
- How to implement Pulsar topics as infinite tables based on Pulsar's schema.
- How to efficiently store stream state in Pulsar based on Pulsar's layered storage API.
- A usage scenario that chains all functionalities in the streaming platform.
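The exactly-once trait mentioned above rests on a durable, replayable log plus idempotent application of messages: if processing restarts and the log is replayed, already-seen message IDs are skipped, so the effect is applied exactly once. A toy illustration of that mechanism (not Pulsar's actual transaction protocol):

```python
def apply_effectively_once(messages, state, seen):
    """Replay a durable log; tracking message IDs makes redelivery idempotent."""
    for msg_id, amount in messages:
        if msg_id in seen:
            continue  # duplicate delivery after a replay: skip it
        seen.add(msg_id)
        state["total"] += amount
    return state

state, seen = {"total": 0}, set()
log = [(1, 10), (2, 5)]
apply_effectively_once(log, state, seen)
# A crash/restart replays the log from the start, plus one new message:
apply_effectively_once(log + [(3, 1)], state, seen)
```

In the real stack, Pulsar transactions let the `seen` bookkeeping and the state update commit atomically, which is what upgrades "effectively once" to end-to-end exactly-once.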
Hybrid clouds provide a good balance between the privacy offered by private clouds and the elasticity and reliability of public clouds. The presentation offers an introduction to the decision criteria when switching from a private to a hybrid cloud architecture and where to start from.
This document discusses using Ansible to automate CloudStack deployments and operations. It provides an overview of Ansible and how it can be used with CloudStack through modules to deploy and manage virtual machines, load balancers, and other infrastructure on CloudStack. Examples are given of using Ansible playbooks to deploy a simple web application on CloudStack and make it highly available through load balancing and automated maintenance.
Flink Forward San Francisco 2019: Massive Scale Data Processing at Netflix us... - Flink Forward
Over 137 million members worldwide enjoy TV series and feature films across a wide variety of genres and languages on Netflix, generating user behavior data at petabyte scale. At Netflix, our client logging platform collects and processes this data to power recommendations, personalization, and many other services that enhance the user experience. Built with Apache Flink, this platform processes hundreds of billions of events and a petabyte of data per day, 2.5 million events/sec, at sub-millisecond latency. The processing involves a series of data transformations, such as decryption and enrichment of customer, geo, and device information using microservice-based lookups.
The transformed and enriched data is further used by multiple data consumers for a variety of applications such as improving user-experience with A/B tests, tracking application performance metrics, tuning algorithms. This causes redundant reads of the dataset by multiple batch jobs and incurs heavy processing costs. To avoid this, we have developed a config driven, centralized, managed platform, on top of Apache Flink, that reads this data once and routes it to multiple streams based on dynamic configuration. This has resulted in improved computation efficiency, reduced costs and reduced operational overhead.
Stream processing at scale while keeping production systems scalable and cost-efficient brings interesting challenges. In this talk, we will share how we leverage Apache Flink to achieve this, the challenges we faced, and our learnings from running one of the largest Flink applications at Netflix.
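The config-driven, read-once platform described in this abstract amounts to a fan-out router: each event is read a single time and appended to every output stream the current configuration names. A minimal sketch of that shape (the event types and stream names are hypothetical):

```python
# Hypothetical dynamic configuration: event type -> output streams.
ROUTES = {
    "playback": ["ab-tests", "perf-metrics"],
    "search":   ["perf-metrics"],
}

def route_event(event, sinks, routes=ROUTES):
    """Read each event once and fan it out to every configured output stream."""
    for sink in routes.get(event["type"], []):
        sinks.setdefault(sink, []).append(event)

sinks = {}
route_event({"type": "playback", "user": 1}, sinks)
route_event({"type": "search", "user": 2}, sinks)
```

Because the routing table is configuration rather than code, adding a new consumer stream means editing `ROUTES`, not deploying another batch job that re-reads the raw dataset.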
Ceph Management and Monitoring with Dashboard v2 - Lenz Grimmer - Ceph Community
This document discusses the history and development of the Ceph Dashboard tool. It describes the limitations of the original Dashboard v1 and the goals for the new Dashboard v2, which uses an Angular frontend and modular Python backend. Dashboard v2 aims to provide full management and monitoring capabilities for Ceph clusters in a web UI, addressing the limitations of the previous version. The document demonstrates Dashboard v2 and outlines next steps to add additional management features.
Everything you wanted to know about RadosGW - Orit Wasserman, Matt Benjamin - Ceph Community
This document provides an overview of object storage concepts and features of Ceph's RADOS Gateway (RGW). Key points include:
- RGW provides a RESTful API for object storage that is compatible with AWS S3 and OpenStack Swift.
- Objects stored in RGW can be large in size and immutable, with permissions set at the object level.
- Multipart uploads allow efficient transfer of large objects by splitting them into parts.
- Versioning and lifecycle policies allow automatic management of object versions and transitions.
- RGW can be used to provide NFS access to the object storage namespace.
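The multipart-upload point above hinges on splitting a large object into fixed-size parts (every part except the last at the chosen part size). The helper below computes those byte ranges; with a real S3-compatible client such as boto3 against an RGW endpoint, each range would become one `upload_part` call between `create_multipart_upload` and `complete_multipart_upload`. The 12 MiB object size is an illustrative assumption.

```python
def multipart_ranges(object_size, part_size=5 * 1024 * 1024):
    """Byte ranges for a multipart upload; all parts but the last are part_size."""
    ranges = []
    start = 0
    part_number = 1  # S3/RGW part numbers start at 1
    while start < object_size:
        end = min(start + part_size, object_size)
        ranges.append((part_number, start, end))
        start = end
        part_number += 1
    return ranges

# A 12 MiB object split into 5 MiB parts yields two full parts and one 2 MiB tail.
parts = multipart_ranges(12 * 1024 * 1024)
```

Parts can be uploaded in parallel and retried independently, which is exactly why multipart transfer of large objects is efficient.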
Mapbox runs its map tile services across 9 data centers globally to provide high availability and low latency for its customers worldwide. A map request first hits the nearest content delivery network, then the local load balancer which routes it to an application server in that region. The server authenticates the request and retrieves the tile data from a distributed database and object storage, checking a local cache first. This global infrastructure allows Mapbox to meet its service level agreement of 99.9% uptime while minimizing latency for users around the world.
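The request flow just described (nearest region first, then a cache check before the backing store) can be sketched as follows; the region latencies and tile key are hypothetical, and real routing would use anycast/GeoDNS rather than a latency table.

```python
# Hypothetical measured round-trip times (ms) from one client to each region.
REGIONS = {"us-east": 10, "eu-west": 70, "ap-south": 140}

def nearest_region(latencies=REGIONS):
    """Route the request to the lowest-latency region."""
    return min(latencies, key=latencies.get)

def get_tile(key, cache, store):
    """Serve from the regional cache first, falling back to object storage."""
    if key in cache:
        return cache[key], "cache"
    tile = store[key]
    cache[key] = tile  # warm the cache for subsequent requests
    return tile, "store"

cache, store = {}, {"z1/x0/y0": b"tile-bytes"}
first = get_tile("z1/x0/y0", cache, store)   # miss: fetched from storage
second = get_tile("z1/x0/y0", cache, store)  # hit: served from the cache
```

Replicating this cache-then-store path in each of the 9 data centers is what keeps both latency low and the 99.9% uptime SLA achievable when any single region degrades.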
Data Security Governance and Consumer Cloud Storage - Daniel Rohan
A brief on the most popular consumer cloud storage protocols, along with suggestions to mitigate the threat of data exfiltration via these services on corporate networks.
We share our process of migrating to the container-based DroneCI platform and our lessons learned when scaling it up for an active open source project like ownCloud. Our journey started with a static legacy CI system, which was gradually replaced with, at first, a static DroneCI infrastructure. Over the course of half a year, we then migrated to a cloud provider in order to dynamically scale the CI system based on build volume. The lessons learned during this journey were transformed and contributed to the DroneCI project, resulting in the DroneCI autoscaler, which allows automatic scaling of infrastructure resources with common cloud providers.
Amazon Redshift is a cloud-hosted data warehouse service from AWS that allows for petabyte-scale analytics on large datasets using massive parallel processing. It stores data in a column-oriented format and integrates with other AWS services like S3, DynamoDB, and EMR. Redshift provides features like columnar storage, parallel query processing across multiple nodes, automated backups and restores, encryption, and integration with SQL and BI tools. The document demonstrates using Redshift alongside S3, Pipeline, EC2/MySQL, and Qlik Sense to build a scalable data warehouse solution in the cloud.
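The columnar-storage advantage mentioned above is easy to see in miniature: in a row layout, scanning one column still drags every other column of each row through memory, while a column layout touches only the values the query needs. A toy comparison (pure Python, not Redshift itself):

```python
# Row layout: each record carries every column together.
rows = [{"id": i, "amount": float(i), "region": "eu"} for i in range(1000)]

# Columnar layout (the shape Redshift stores on disk): one array per column.
columns = {
    "id":     [r["id"] for r in rows],
    "amount": [r["amount"] for r in rows],
    "region": [r["region"] for r in rows],
}

# SELECT SUM(amount): the row scan touches 3000 values, the column scan 1000.
total_row = sum(r["amount"] for r in rows)
total_col = sum(columns["amount"])
```

At warehouse scale the same effect applies to disk I/O and compression (similar values stored together compress better), which is why analytic engines favor columnar formats.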
Leveraging Amzon EC2 Container Services for Container OrchestrationNeeraj Shah
This is the slides for a talk I gave on AWS EC2 Container Services at AWS + Docker Meetup held @ LinkedIn Bangalore. The video of my presentation can be found at https://youtu.be/GbMGJbDTj-A
OpenNebulaconf2017EU: OpenNebula 5.4 and Beyond by Tino Vázquez and Ruben S. ...OpenNebula Project
In this talk, Rubén and Tino will lay our the novelties (not all of them, there are many!) present in 5.4, ranging from core new functionality to the big changes in vCenter. Also, the roadmap for 5.6 and future versions would be laid out, as far as it is consolidated (it won't be closed yet, but nearly so).
It would also be the perfect session for feature requests, so don't miss it!
YouTube: https://youtu.be/Czzm2EimayY
Openstack platform -Red Hat Pizza and technology event - IsraelArthur Berezin
The document discusses OpenStack, an open source cloud computing platform. It describes OpenStack's modular architecture and core services like Nova for compute, Glance for images, Neutron for networking, Cinder for block storage, and Keystone for identity. It also discusses how Red Hat provides lifecycle support for OpenStack through its RHEL OpenStack Platform, integrating and optimizing OpenStack on Red Hat Enterprise Linux.
OpenNebulaConf2017EU: Enabling Dev and Infra teams by Lodewijk De Schuyter,De...OpenNebula Project
The document discusses enabling development and infrastructure teams at the Flemish government's Department of Environment and Spatial Planning with an OpenNebula hosting platform. It describes challenges with the previous VMware-based hosting platform, including manual server provisioning and network complexity. The new OpenNebula platform aims to provide self-service for dev teams through automation and metadata templates that declaratively define machine configurations. Over 1,100 virtual machines have been migrated to OpenNebula so far, improving agility, transparency and scale. Future plans include datacenter migration and improved support for IO-intensive applications.
Building a pipeline to Destroy Los Angeles in 2012 - Siggraph Asia 2009hpduiker
A presentation on Bento, the central pipeline component developed at Digital Domain to enable the creation of the LA Destruction sequence of 2012 at Digital Domain.
CEPH DAY BERLIN - DEPLOYING CEPH IN KUBERNETES WITH ROOKCeph Community
Rook is a cloud native orchestrator for deploying storage systems within Kubernetes. This presentation will highlight the benefits and goes into the details of using Rook to set up a Ceph cluster. In addition, I will also show how to set up Prometheus and Grafana to monitor Ceph in this environment.
Airship is an open source project that provides tools for declaratively automating cloud provisioning. It includes components for orchestration, deployment, upgrades, and resiliency. Airship uses YAML documents to provision bare metal infrastructure and deploy Kubernetes clusters and application workloads. Developers are encouraged to get involved by joining mailing lists, IRC meetings, and contributing code.
This document discusses using InfluxDB and Kubernetes for monitoring. It provides an overview of deploying InfluxDB and Chronograf using Helm charts. It also describes monitoring Kubernetes infrastructure by deploying Telegraf as a DaemonSet to collect metrics from nodes. Additionally, it covers monitoring applications by deploying Telegraf as a single pod to scrape metrics or as a sidecar. Lastly, it discusses future plans for an InfluxData operator and running InfluxEnterprise outside Kubernetes clusters.
This document discusses containerization and the Docker ecosystem. It begins by describing the challenges of managing different software stacks across multiple environments. It then introduces Docker as a solution that packages applications into standardized units called containers that are portable and can run anywhere. The rest of the document covers key aspects of the Docker ecosystem like orchestration tools like Kubernetes and Docker Swarm, networking solutions like Flannel and Weave, storage solutions, and security considerations. It aims to provide an overview of the container landscape and components.
Kafka Summit SF 2017 - MultiCluster, MultiTenant and Hierarchical Kafka Messa...confluent
This document discusses scaling challenges with large Kafka clusters and proposes a solution of using multiple, smaller Kafka clusters organized hierarchically. The key points are: 1) Large monolithic Kafka clusters have issues like slow operations and increased latency; 2) The solution is to create many smaller "immutable" Kafka clusters and connect them with a routing service; 3) This allows scaling producers and consumers across clusters rather than just brokers.
Kubernetes – An open platform for container orchestrationinovex GmbH
Datum: 30.08.2017
Event: GridKA School 2017
Speaker: Johannes M. Scheuermann
Mehr Tech-Vorträge: https://www.inovex.de/de/content-pool/vortraege/
Mehr Tech-Artikel: https://www.inovex.de/blog/
An introduction into creating a multi tenant SaaS application, creating a database per tenant architecture. Incluiding a case study, example and general pointers
Virtual Flink Forward 2020: Build your next-generation stream platform based ...Flink Forward
As organizations are getting better at capturing streaming data and the data velocity and volume are ever-increasing, the traditional messaging queues or log storage systems are suffering from scalability or operational and maintenance problems. Apache Pulsar is a multi-tenant, high-performance distributed pub-sub messaging system. Pulsar includes multiple features, such as native support for multiple clusters in a Pulsar instance, seamless geo-replication of messages across clusters, very low publishing and end-to-end latency, seamless scalability to over a million topics, and guaranteed message delivery with persistent message storage provided by Apache BookKeeper. In this talk, I will use one of the most popular stream processing engines, Apache Flink, as an example, to share our experience in building a stream processing and storage stack. Some of the traits are: * How to ensure end-to-end exactly-once semantics based on Pulsar's durable and replayable storage as well as Pulsar transaction. * How to implement Pulsar topics as infinite tables based on Pulsar's schema. * How to efficiently store stream states in Pulsar based on Pulsar's layered storage API. * A usage scenario that chaining all functionalities in the streaming platform.
Hybrid clouds provide a good balance between the privacy offered by private clouds and the elasticity and reliability of public clouds. The presentation offers an introduction to the decision criteria when switching from a private to a hybrid cloud architecture and where to start from.
This document discusses using Ansible to automate CloudStack deployments and operations. It provides an overview of Ansible and how it can be used with CloudStack through modules to deploy and manage virtual machines, load balancers, and other infrastructure on CloudStack. Examples are given of using Ansible playbooks to deploy a simple web application on CloudStack and make it highly available through load balancing and automated maintenance.
Flink Forward San Francisco 2019: Massive Scale Data Processing at Netflix us...Flink Forward
Over 137 million members worldwide are enjoying TV series, feature films across a wide variety of genres and languages on Netflix. It leads to petabyte scale of user behavior data. At Netflix, our client logging platform collects and processes this data to empower recommendations, personalization and many other services to enhance user experience. Built with Apache Flink, this platform processes 100s of billion events and a petabyte data per day, 2.5 million events/sec in sub milliseconds latency. The processing involves a series of data transformations such as decryption and data enrichment of customer, geo, device information using microservices based lookups.
The transformed and enriched data is further used by multiple data consumers for a variety of applications such as improving user-experience with A/B tests, tracking application performance metrics, tuning algorithms. This causes redundant reads of the dataset by multiple batch jobs and incurs heavy processing costs. To avoid this, we have developed a config driven, centralized, managed platform, on top of Apache Flink, that reads this data once and routes it to multiple streams based on dynamic configuration. This has resulted in improved computation efficiency, reduced costs and reduced operational overhead.
Stream processing at scale, while ensuring that the production systems stay scalable and cost-efficient, brings interesting challenges. In this talk, we will share how we leverage Apache Flink to achieve this, the challenges we faced, and our learnings from running one of the largest Flink applications at Netflix.
Ceph Management and Monitoring with Dashboard v2 - Lenz GrimmerCeph Community
This document discusses the history and development of the Ceph Dashboard tool. It describes the limitations of the original Dashboard v1 and the goals for the new Dashboard v2, which uses an Angular frontend and modular Python backend. Dashboard v2 aims to provide full management and monitoring capabilities for Ceph clusters in a web UI, addressing the limitations of the previous version. The document demonstrates Dashboard v2 and outlines next steps to add additional management features.
Everything you wanted to know about RadosGW - Orit Wasserman, Matt BenjaminCeph Community
This document provides an overview of object storage concepts and features of Ceph's RADOS Gateway (RGW). Key points include:
- RGW provides a RESTful API for object storage that is compatible with AWS S3 and OpenStack Swift.
- Objects stored in RGW can be large in size and immutable, with permissions set at the object level.
- Multipart uploads allow efficient transfer of large objects by splitting them into parts.
- Versioning and lifecycle policies allow automatic management of object versions and transitions.
- RGW can be used to provide NFS access to the object storage namespace.
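The multipart-upload bullet above can be illustrated with a small sketch that computes the byte ranges a client would upload as individual parts. `partRanges` is a hypothetical helper, not part of any SDK; the 5 MiB minimum part size is the limit S3-compatible APIs such as RGW enforce for every part except the last.

```javascript
// Sketch: computing byte ranges for an S3/RGW-style multipart upload.
// S3-compatible APIs require each part except the last to be >= 5 MiB.
const MIN_PART_SIZE = 5 * 1024 * 1024;

function partRanges(objectSize, partSize = MIN_PART_SIZE) {
  if (partSize < MIN_PART_SIZE) throw new Error('part size below S3 minimum');
  const parts = [];
  for (let offset = 0, n = 1; offset < objectSize; offset += partSize, n++) {
    parts.push({
      partNumber: n,                                    // parts are 1-indexed
      start: offset,                                    // inclusive byte offset
      end: Math.min(offset + partSize, objectSize) - 1, // inclusive end offset
    });
  }
  return parts;
}
```

Each range would then be sent as one `UploadPart` request, and the upload completed by listing the part numbers and their ETags.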
Mapbox runs its map tile services across 9 data centers globally to provide high availability and low latency for its customers worldwide. A map request first hits the nearest content delivery network, then the local load balancer which routes it to an application server in that region. The server authenticates the request and retrieves the tile data from a distributed database and object storage, checking a local cache first. This global infrastructure allows Mapbox to meet its service level agreement of 99.9% uptime while minimizing latency for users around the world.
Data Security Governanace and Consumer Cloud StorageDaniel Rohan
A brief on the most popular consumer cloud storage protocols, along with suggestions to mitigate the threat of data exfiltration via these services on corporate networks.
We are sharing our process of migrating to the container-based DroneCI platform and our lessons learned when scaling it up for an active open source project like ownCloud. Our journey started with a static legacy CI system, which was gradually replaced with, at first, a static DroneCI infrastructure. Over the course of half a year, we then migrated to a cloud provider in order to dynamically scale the CI system based on build volume. The lessons learned during this journey were transformed and contributed to the DroneCI project and resulted in the DroneCI autoscaler, which allows automatic scaling of infrastructure resources with common cloud providers.
Amazon Redshift is a cloud-hosted data warehouse service from AWS that allows for petabyte-scale analytics on large datasets using massive parallel processing. It stores data in a column-oriented format and integrates with other AWS services like S3, DynamoDB, and EMR. Redshift provides features like columnar storage, parallel query processing across multiple nodes, automated backups and restores, encryption, and integration with SQL and BI tools. The document demonstrates using Redshift alongside S3, Pipeline, EC2/MySQL, and Qlik Sense to build a scalable data warehouse solution in the cloud.
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Kubernetes builds upon 15 years of experience of running production workloads at Google, combined with best-of-breed ideas and practices from the community.
Openstack days sv building highly available services using kubernetes (preso)Allan Naim
This document discusses Google Cloud Platform's Kubernetes and how it can be used to build highly available services. It provides an overview of Kubernetes concepts like pods, labels, replica sets, volumes, and services. It then describes how Kubernetes Cluster Federation allows deploying applications across multiple Kubernetes clusters for high availability, geographic scaling, and other benefits. It outlines how to create clusters, configure the federated control plane, add clusters to the federation, deploy federated services and backends, and perform cross-cluster service discovery.
Orchestrating Linux Containers while tolerating failuresDocker, Inc.
Although containers bring a refreshing flexibility when deploying services in production, the management of those containers in such an environment still requires special care in order to keep the application up and running. In this regard, orchestration platforms like Docker, Kubernetes and Nomad have been trying to alleviate this responsibility, facilitating the task of deploying and maintaining the entire application stack in its desired state. This ensures that a service will always be running, tolerating machine failures, erratic network behavior, software updates and downtime. The purpose of this talk is to explain the mechanisms and architecture of the Docker Engine orchestration platform (using a framework called swarmkit) to tolerate failures of services and machines, from cluster state replication and leader election to the container re-scheduling logic when a host goes down.
This document provides an overview of Docker containers and their benefits. It discusses how containers provide isolation and portability for applications compared to virtual machines. The document outlines the history and growth of container technologies like Docker. It then covers how to build, ship, and run containerized applications on platforms like Docker, OpenShift, and Kubernetes. Use cases discussed include application development, modernization, and cloud migrations.
The document provides an overview of using Amazon Web Services (AWS) for high-performance computing (HPC) clusters. It discusses how AWS enables scientists to build HPC clusters on demand that can scale up and down based on workload needs. Specific solutions and services mentioned include Alces Flight for launching ready-to-compute HPC clusters on AWS in minutes, the AWS Spot Market for accessing spare computing capacity at low costs, and examples of using AWS for scientific workloads like satellite image analysis and computational fluid design simulations.
Leveraging Cassandra for real-time multi-datacenter public cloud analyticsJulien Anguenot
iland has built a global data warehouse across multiple data centers, collecting and aggregating data from core cloud services including compute, storage and network as well as chargeback and compliance. iland's warehouse brings actionable intelligence that customers can use to manipulate resources, analyze trends, define alerts and share information.
In this session, we would like to present the lessons learned around Cassandra, both at the development and operations level, but also the technology and architecture we put in action on top of Cassandra such as Redis, syslog-ng, RabbitMQ, Java EE, etc.
Finally, we would like to share insights on how we are currently extending our platform with Spark and Kafka and what our motivations are.
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...DataStax Academy
iland has built a global data warehouse across multiple data centers, collecting and aggregating data from core cloud services including compute, storage and network as well as chargeback and compliance. iland's warehouse brings actionable intelligence that customers can use to manipulate resources, analyze trends, define alerts and share information.
In this session, we would like to present the lessons learned around Cassandra, both at the development and operations level, but also the technology and architecture we put in action on top of Cassandra such as Redis, syslog-ng, RabbitMQ, Java EE, etc.
Finally, we would like to share insights on how we are currently extending our platform with Spark and Kafka and what our motivations are.
Adopting Docker for production applications and services used to be hard. You had to hand-roll a lot of the underlying infrastructure and write lots of custom code for service discovery, load balancing, orchestration, desired state, etc. Today, with the rise of open source container orchestration platforms and cloud-native offerings, it's a lot easier to get up and running.
Github repo for demo: https://github.com/elabor8/dockertalk
Highly Available And Distributed Containers - ContainerCon NA 2016{code}
This presentation was delivered at ContainerCon North America 2016 that was held in Toronto. This talk examines the history of Docker Swarm and libNetwork and Storage to see how the increased complexity in the container ecosystem is actually simplified over time.
Enterprise data centers have to support a diverse set of workloads: cloud native, big data, high performance computing, and legacy applications. While cloud native applications are ideal to run in Docker clusters, bare metal and virtualization infrastructures must still be supported in the data center. The result is a proliferation of clusters and technologies running in individual silos, resulting in high management costs and low utilization. This talk describes the challenges and experiences in implementing a shared cluster infrastructure based on Kubernetes to support big data, high performance computing, and VM-based workloads. The talk will show the deployment and scaling of a high performance computing workload manager, Spark, and OpenStack, and how VM and Docker management can be integrated together.
This document provides an overview and demonstration of Clocker, an open source tool for managing Docker clouds and deploying composite applications on Docker. It discusses Clocker's components including its use of Brooklyn for application management and jclouds for provisioning. It also covers Clocker's features such as container placement strategies, networking using Weave, and roadmap items like support for Docker Swarm and improved networking.
This document provides an overview of Docker containers and developer workflows using Docker. It defines containers and images, and explains how Docker abstracts machine-specific settings to allow containers to run on different machines. Popular Docker images are listed, and benefits of using Docker for development are outlined. Common Docker commands are also described.
This document discusses Docker containers and CoreOS. It summarizes Sebastien Goasguen's background working with high performance computing, cloud computing, and various open source projects. It then discusses how Docker simplifies application deployment and portability using containers and image sharing. CoreOS is introduced as a Linux distribution optimized for Docker with tools like etcd and Fleet for managing distributed applications across containers. Kubernetes is presented as a system for orchestrating Docker containers across multiple hosts and providing services like replication and high availability.
Clocker: Managing Container Networking and PlacementDocker, Inc.
This talk introduces Clocker and shows how to bootstrap a Docker Cloud that is responsive and scalable, across a dynamic cluster of hosts and cloud providers. Clocker is an Apache licensed open source project that demonstrates intelligent placement, on-demand provisioning and autonomic management of containers using Apache Brooklyn as the central nervous system. The Clocker stack enhances the standard Docker installation using best practices for configuration and integrates Weave networking capabilities plus Apache jclouds for provisioning on any infrastructure. We will show how to use Clocker to deploy, monitor and scale complex applications defined using Brooklyn blueprints across a network of Docker containers in the cloud.
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...Radhika Puthiyetath
Sebastien Goasguen is a developer who works on Apache CloudStack and other open source projects related to cloud computing, containers, and big data. He gave a talk covering CloudStack, Docker, Kubernetes, CoreOS, and how various technologies can work together for managing distributed applications and infrastructure. He also discussed the evolving landscape of cloud computing and how big data solutions fit within that landscape.
This document provides an overview of Docker containers, including why they are used, how they work, and how to get started with Docker. Containers provide portability and efficiency compared to virtual machines by leveraging the host operating system and reducing resource usage. The document reviews container concepts like images and Dockerfiles, demonstrates basic Docker commands, and discusses volumes, Docker Compose, and Docker registries. It concludes with suggestions for hands-on learning through examples and further reading.
Similar to Mapbox.com: Serving maps from 8 regions (20)
This document discusses a product crunch event in Berlin in March 2018. It focuses on computing, payments, communications, and location-based technologies. The document includes a link to Snapchat's map feature and is authored by Johan Uhle, who can be found on Twitter under the handle @freenerd.
In-Car Navigation with OSRM - Wherecamp Berlin 2016Johan
The document discusses using Open Source Routing Machine (OSRM) for in-car navigation. It covers how OSRM can provide dynamic speeds based on real-time traffic conditions to improve route timing accuracy. It also explains how OSRM provides turn-by-turn guidance instructions for navigation that can be integrated into mobile apps.
The document summarizes recent updates to the Open Source Routing Machine (OSRM) project. OSRM version 5 now supports dynamic speed data to provide more accurate arrival time estimates, and improved guidance instructions for turns, lanes, ramps, and destinations. The speaker encourages using OSRM for in-car navigation and bringing your own dynamic speed data, as it has guidance capabilities ready for vehicle integration.
Open Source Routing Machine - FOSS4G 2016 BonnJohan
My presentation on OSRM
VIDEO:
http://ftp5.gwdg.de/pub/misc/openstreetmap/FOSS4G-2016/foss4g-2016-1332-dealing_with_change_-_osrm_version_5-hd.webm
http://ftp5.gwdg.de/pub/misc/openstreetmap/FOSS4G-2016/foss4g-2016-1332-dealing_with_change_-_osrm_version_5-hd.mp4
The Directions Pipeline at Mapbox - AWS Meetup Berlin June 2015Johan
The Mapbox Directions Pipeline aims to always have the freshest map data available for routing. It involves getting the latest OpenStreetMap data, pre-processing it for directions, loading the new data into API servers, and then repeating the process. Each step uses its own CloudFormation stack. The pipeline downloads planet files from OpenStreetMap, pre-processes them for different transport profiles, uploads the results to S3, and updates the API CloudFormation stacks to fetch the new data.
DJing has evolved over time from radio DJs in the 1940s-50s to club DJs today. DJs play recorded music for audiences by selecting tracks and mixing them together using techniques like beatmatching. The role of DJs has expanded with developments in electronic music genres and advances in DJ equipment going digital. Today, DJing involves skills like reading crowds, deep music knowledge, filtering tracks, and building a brand as competition has grown in the globalized industry.
Barcamp London 7 Tracksonamap Google App EngineJohan
The document discusses a project called "Tracks On A Map" that maps sound clips from SoundCloud to locations on Google Maps. It was developed at Music Hack Day Berlin using Google App Engine, which allows for easy deployment of applications without administration but has limitations like restricted programming languages, quotas, and a 30 second response time limit. The presentation provides an overview of SoundCloud's API, the concept and interface of Tracks On A Map, and both benefits and drawbacks of using Google App Engine.
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge Capture & Transfer
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
High performance Serverless Java on AWS- GoTo Amsterdam 2024Vadym Kazulkin
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
QA or the Highway - Component Testing: Bridging the gap between frontend appl...zjhamm304
These are the slides for the presentation, "Component Testing: Bridging the gap between frontend applications" that was presented at QA or the Highway 2024 in Columbus, OH by Zachary Hamm.
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
In this talk we will discuss DDoS protection tools and best practices, discuss network architectures, and look at what AWS has to offer. We will also examine one of the largest DDoS attacks on Ukrainian infrastructure, which happened in February 2022, and see what techniques helped keep web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on the Ukraine experience.
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillLizaNolte
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way that breaks data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is repaid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design (1) offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
In our second session, we shall learn all about the main features and fundamentals of UiPath Studio that enable us to use the building blocks for any automation project.
📕 Detailed agenda:
Variables and Datatypes
Workflow Layouts
Arguments
Control Flows and Loops
Conditional Statements
💻 Extra training through UiPath Academy:
Variables, Constants, and Arguments in Studio
Control Flow in Studio
28. Client → DNS → CDN → DNS
Load Balancer
• ELB: Amazon Elastic Load Balancer
• Terminate TLS
• Route requests to application servers
29. Client → DNS → CDN → DNS → Load Balancer
Application Servers
• EC2: Amazon Elastic Compute Cloud
• Virtual Machines
• EC2 instances are provisioned via Auto Scaling Group
• Auto Scaling is based on instance CPU load
• Scale up/down if CPU load is over 55% / under 20% for 2 minutes
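The scaling rule on this slide (up above 55%, down below 20%, sustained for two minutes) can be sketched as a small decision function. The thresholds mirror the slide, but `scaleDecision` itself is illustrative; the real setup is expressed as CloudWatch alarms attached to the Auto Scaling Group, not application code.

```javascript
// Sketch of the CPU-based scaling rule described above.
const SCALE_UP_PCT = 55;
const SCALE_DOWN_PCT = 20;
const WINDOW_MS = 2 * 60 * 1000; // the two-minute sustain window

// samples: [{ ts: epochMillis, cpu: percent }, ...]
function scaleDecision(samples, now) {
  // Only look at samples inside the two-minute window.
  const windowed = samples.filter(s => now - s.ts <= WINDOW_MS);
  if (windowed.length === 0) return 'hold';
  // The condition must hold for the whole window, not just the latest sample.
  if (windowed.every(s => s.cpu > SCALE_UP_PCT)) return 'scale-up';
  if (windowed.every(s => s.cpu < SCALE_DOWN_PCT)) return 'scale-down';
  return 'hold';
}
```

Requiring *every* sample in the window to breach the threshold is what makes the rule resistant to short CPU spikes.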
30. Client → DNS → CDN → DNS → Load Balancer
Application Servers
• Node.js/Express
• Authentication
• Determine location of tiles
• Fetch tiles and return them
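"Determine location of tiles" in the slide above presumably means resolving a request to a z/x/y tile address. A minimal sketch of the standard Web Mercator (slippy-map) tile math follows; the `tileKey` storage layout is a hypothetical illustration, not Mapbox's actual schema.

```javascript
// Standard slippy-map tile addressing: lon/lat/zoom -> z/x/y.
function lonLatToTile(lon, lat, zoom) {
  const n = 2 ** zoom; // number of tiles along each axis at this zoom
  const x = Math.floor(((lon + 180) / 360) * n);
  const latRad = (lat * Math.PI) / 180;
  const y = Math.floor(
    ((1 - Math.log(Math.tan(latRad) + 1 / Math.cos(latRad)) / Math.PI) / 2) * n
  );
  return { z: zoom, x, y };
}

// Hypothetical object-store key layout for a tile.
function tileKey({ z, x, y }) {
  return `${z}/${x}/${y}.png`;
}
```

For example, central Berlin (13.4° E, 52.52° N) at zoom 10 maps to tile 550/335.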
31. Client → DNS → CDN → DNS → Load Balancer
Application Servers
Fetching tiles
• check simultaneously in the local cache (redis) and the object store (s3)
• return from wherever it is found first
• if only found in object store, update local cache
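The fetch strategy on this slide can be sketched as below. This is a simplification: both lookups are started in parallel, the cache answer is preferred when present, and the cache is backfilled on a store-only hit. `memStore` is an in-memory stand-in for the redis and S3 clients, not a real client API.

```javascript
// Sketch of the tile-fetch path: query cache and object store in parallel,
// return the first hit, backfill the cache if only the store had the tile.
async function fetchTile(key, cache, store) {
  // Start both lookups up front so they run concurrently.
  const fromCache = cache.get(key);
  const fromStore = store.get(key);

  const cached = await fromCache;
  if (cached != null) return cached;   // cache hit: cheapest path

  const stored = await fromStore;
  if (stored != null) {
    await cache.set(key, stored);      // backfill the local cache
    return stored;
  }
  return null;                         // tile exists in neither source
}

// In-memory stand-in for a redis/S3 client, for illustration and testing.
function memStore(init) {
  const m = new Map(init);
  return {
    get: async key => (m.has(key) ? m.get(key) : null),
    set: async (key, value) => { m.set(key, value); },
  };
}
```

A production version would also need to cope with one backend timing out while the other answers, which the slide's "return from wherever it is found first" wording hints at.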
32. Client → DNS → CDN → DNS → Load Balancer
Application Servers
Cache vs. Object Store
• redis: 50% cache hits
• (50% of the 60% non-CDN traffic = 30% of total requests)
• redis is used as a least-recently-used cache, so popular tiles for a region are usually cached
• redis is provisioned by AWS via ElastiCache
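The slide notes redis acts as a least-recently-used cache (redis approximates this with its `maxmemory-policy allkeys-lru` eviction setting). A minimal LRU sketch using a JavaScript Map's insertion order shows the behavior that keeps popular tiles resident:

```javascript
// Minimal LRU cache: a Map iterates keys in insertion order, so re-inserting
// on access keeps the least recently used key at the front for eviction.
class LRUCache {
  constructor(capacity) {
    this.capacity = capacity;
    this.map = new Map();
  }
  get(key) {
    if (!this.map.has(key)) return null;
    const value = this.map.get(key);
    this.map.delete(key);      // re-insert to mark as most recently used
    this.map.set(key, value);
    return value;
  }
  set(key, value) {
    if (this.map.has(key)) this.map.delete(key);
    this.map.set(key, value);
    if (this.map.size > this.capacity) {
      // evict the least recently used entry (first key in insertion order)
      this.map.delete(this.map.keys().next().value);
    }
  }
}
```

With this policy, a tile that keeps getting requested is never the eviction candidate, which is why popular tiles for a region stay cached.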
38. Deploy to many regions
• constantly have around 300 EC2 instances running
• last month's spike was 1000 EC2 instances (batch jobs)
• can't care for individual EC2 instances
• every developer handles deployment themselves
40. Deploying cloudformation stacks
mapbox-cli
• the tool, the infrastructure team gives to developers
• abstracts and automates common tasks
• encodes our conventions for using AWS
44. Deploys with interruptions
• Take region out of Route 53
• Wait for traffic to cease
• Update stack
• Put region back into Route 53
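The four deploy steps above can be sketched as a small orchestration. The step functions are injected so the sequence itself stays testable; real implementations would call Route 53 and CloudFormation through the AWS SDK, and this sketch deliberately leaves out rollback handling for a failed stack update.

```javascript
// Sketch of a deploy-with-interruption for one region:
// drain it from DNS, update the stack, then re-add it.
async function deployWithInterruption(region, steps) {
  await steps.removeFromDns(region); // take region out of Route 53
  await steps.waitForDrain(region);  // wait for traffic to cease
  await steps.updateStack(region);   // update the CloudFormation stack
  await steps.addToDns(region);      // put region back into Route 53
}
```

Because each region is drained before its stack is touched, users only ever hit regions that are fully deployed, at the cost of temporarily reduced capacity.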
45. • mapbox-cli is built with node.js
• mostly based around the AWS JavaScript SDK
• github.com/mapbox
• cfn-config
• cfn-stack-event-stream
• as-replace-instances