Platform
Technical Architecture
Hello!
I am DAVE
I have lots of letters after my name and many years
of experience in getting stuff done.
You can find me at @d_bones
Architecture
I like how Simon Brown describes this:
Vision
The process of architecting: making
(significant) design decisions etc.
Structure
The definition of something in terms of its
components and interactions.
4+1 Architecture
Today we will look at the physical view, aka deployment architecture.
Pipelines
Quick overview of some pipelines which are associated with the
platform.
:)
Pipelines
Development
Code
Build
Deploy
Infrastructure
Define
Deploy
Maintenance
Backup
Scale & Monitor
Development pipeline
Simple overview of a build to deployment pipeline. Note that when deploying a compiled artifact,
you may deploy this to a number of environments (test, prod, etc).
Platform
30,000 feet view of a cloud platform.
Overview
Check out my slides on Principles, as these will play into any decision making.
This contains an overview of components to
◇ Build
◇ Deploy
◇ Host / Run
◇ Monitor
a set of application services.
Platform overview
From Code -> Running
Solution
Development
From code to deploying onto the platform.
Source Control
Centralised location to store your code, with support for master and feature branch development.
Features
◇ Webhook support
◇ 3rd party integrations
◇ Code Collaboration
◇ Code Review
◇ Branches
◇ Revision History
◇ Secure (2FA?, encryption etc)
◇ Workflow support
Solutions
◇ Bitbucket
◇ Github
◇ VSTS
◇ GitLab
◇ ...
https://www.git-tower.com/blog/git-hosting-services-compared/
Standards
◇ Git
◇ Mercurial (HG)
◇ Subversion (SVN)
Build Service
Continuous Integration is key to automating the creation of a build artifact. This artifact will be deployed
onto an artifact server such as Docker Hub, NPM etc.
Features
◇ Webhook support
◇ 3rd party integrations
◇ OS Support
◇ Stack support
◇ Source Control Branch Support
◇ Build pipelines
◇ Configuration with code
◇ Clean isolated agent
◇ Parallel test running
◇ Build History / Reports
◇ Run locally
◇ Secure
◇ Workflow support
Solutions
◇ Bamboo
◇ Jenkins
◇ VSTS Build
◇ Travis CI
◇ AppVeyor
◇ Circle Ci
◇ Drone IO
◇ Shippable
◇ Wercker CI
◇ TeamCity
◇ ...
Standards (during build)
◇ Not really, at a pinch
◇ YAML
◇ Docker
Component Standards
◇ NPM
◇ Bower
◇ Docker
◇ Maven
◇ Nuget
◇ Gems
◇ ...
Artifact Store
Stores the compiled artifact, which has been tested to a degree. It is ready to be consumed directly by the
developer / build server (library component) or deployed via the deployment service (application,
middleware).
Features
◇ Webhook support
◇ 3rd party integrations
◇ Secure (encryption)
◇ Fast network
◇ Store multiple versions
Solutions
◇ Docker Hub
◇ Quay IO
◇ Nuget
◇ MyGet
◇ NPM
◇ Artifactory
◇ BitBucket (Releases)
◇ GitHub (Releases)
◇ ...
Standards
◇ NPM
◇ Bower
◇ Docker
◇ Maven
◇ Nuget
◇ Gems
◇ Zip / Tar
◇ ...
Deploy Service
Automate deploying an artifact to an environment. (This is different to a CI server's responsibility.)
In some cases you may need to automate the creation of a temporary environment (e2e testing).
Features
◇ Webhook support
◇ 3rd party integrations
◇ OS Support
◇ Automated deployments
◇ Multiple environment support
◇ Environment definitions
◇ Environment overview
◇ Environment configuration
◇ Approval Workflow support
◇ Scripting
◇ Secure
Solutions
◇ Bamboo
◇ Jenkins
◇ VSTS Release
◇ Shippable
◇ BuildMaster
◇ Octopus Deploy
◇ …
Standards
◇ WebDeploy
◇ Docker
Platform
Management
Creating servers and hosting
applications/services.
IaaS (PaaS*)
Creating networks and servers on demand to host your services, with availability and scale sets.
Use of particular platform services (remember platform vendor lock-in).
Note you can span your platform across more than one IaaS, using the best parts from any provider.
Features
◇ API & Webhook support
◇ 3rd party integrations
◇ OS Support
◇ Bare Metal / Virtual Machines
◇ Networking
◇ Firewalls
◇ VPN
◇ Hardware SSD / RAM / CPUs
◇ Availability / Scale sets
◇ Multiple Data Centers
◇ Secure
Solutions
◇ Azure
◇ AWS
◇ RackSpace
◇ Digital Ocean
◇ Google Cloud Engine
◇ …
Interesting solution:
operations-management-suite
Standards
◇ None?
IaaS (Provision Scripts)
Infrastructure as Code.
Provision the network and servers, with correctly configured availability and scale sets. Note that the
servers will be provisioned with the orchestrator's agents installed onto them.
Features
◇ Create Servers
◇ Create Networks
Solutions
◇ Terraform
◇ Ansible
◇ Azure Resource Manager
◇ ...
Standards
◇ None?
Orchestrator
Coordinates deployment and continuous running of services on the platform (servers). This is basically
the hosting platform.
Note that these solutions will be used to deliver other parts of the platform components.
Features
◇ API & Webhook support
◇ 3rd party integrations
◇ OS Support
◇ SDN - Cross host networking
◇ Multiple environments
◇ High Availability
■ Auto Healing
■ Health Monitoring
◇ Rolling upgrades
◇ Fast startup and shutdown
◇ Scaling services
◇ Service placement
◇ High Density
◇ Hyper convergence (VMs too)
Solutions - Container based
◇ Rancher
◇ Kubernetes
◇ Docker Swarm
◇ …
Solutions - alternative
◇ Service Fabric
Standards
◇ Docker
Configuration / Vault
A component to securely store application secrets. These can then be accessed during deployment
and while the application is running.
The component chosen will affect the overall solution architecture.
Features
◇ API support
◇ 3rd party integrations
◇ Securely store values
◇ Securely store encryption keys
Solutions - Value
◇ Hashi Vault
◇ Consul
Solutions - HSM Keys
◇ AWS Key Management Service
◇ Azure Key Vault
Solutions - Values @ deployment
◇ MS Release
◇ ...
Standards
◇ None?
Service Support
Knowing what is going on, so we can
react accordingly
Logging
A centralised logging service is key to spotting and finding errors which can occur for a service being hosted on
several machines, or for several services on a single machine.
Features
◇ API support
◇ 3rd party integrations
◇ Dashboard
◇ Easy Log filtering & sorting
■ By service
■ By host
■ By severity
◇ Store log entry details
◇ Automatically manage storage
◇ Live log feed
◇ Alerts
◇ Collect logs from all your components
Solutions
◇ ELK stack
◇ LogEntries
◇ Loggly
◇ ...
Standards
◇ Log4Net
◇ Winston
Monitoring
Knowing that our platform is healthy and being alerted immediately when it is not.
Gain understanding and trend insight of our services.
Interestingly, many components will provide part of this; however, we need a central view of our
estate, which could be spanning several data centers across several IaaS providers.
Features
◇ API support
◇ 3rd party integrations
◇ Dashboards
◇ APM
◇ End user monitoring
■ Mobile
■ Browser
◇ Infrastructure Visibility
◇ Database and Queues monitoring
◇ Application analytics
◇ Alerts
Solutions
◇ ELK stack
◇ New Relic
◇ SysDig cloud
◇ DataDog
◇ Dynatrace
◇ Appdynamics
◇ MS Operations management suite
◇ Prometheus
◇ Icinga 2
◇ StatusPage IO
◇ Pingdom
◇ ...
Standards
◇ Stats D
◇ HTTP
Platform services
Services which your application will use
directly
Service Discovery
AKA Service Registry. This component is a lookup for all hosted services and their instances.
As an orchestrator manages the deployment and running of services, it normally includes a service
discovery solution.
Features
◇ API support
◇ Holds the location of all active service instances
◇ High availability
Solutions
◇ Etcd
◇ ZooKeeper
◇ Consul
◇ DNS
◇ Message Broker
Solutions - orchestrator
◇ Rancher - DNS (changeable)
◇ Kubernetes - Env Var / DNS
◇ Docker Swarm - DNS
◇ …
Standards
◇ DNS
http://dbones.github.io/2016/01/service-discovery/
Load Balancing
Requests being shared across multiple instances of a service.
As an orchestrator manages the deployment and running of services, it normally includes some form
of load balancer.
Features
◇ API support
◇ Holds the location of all active service instances
◇ High availability
◇ Session affinity
◇ Round robin
◇ SSL Termination
Solutions
◇ HA Proxy
◇ Nginx
◇ DNS
Solutions - orchestrator
◇ Rancher - HA Proxy / DNS / custom
◇ Kubernetes - Kube-Proxy / custom
◇ Docker Swarm internal / custom
Standards
◇ DNS
◇ Layer 4 and 7 OSI
http://dbones.github.io/2016/01/service-discovery/
https://www.nginx.com/resources/glossary/layer-4-load-balancing/
Possible setup
To the cloud!
Set your strategy
◇ Confirm your Goals, Principles and Constraints.
◇ Apply basic research to get a candidate list of
components (put the logo against each component
in the platform diagram).
◇ Note which candidates are tactical or strategic.
◇ Run a number of POCs and Technology Adoption
Processes on the candidates.
◇ Retrospect on your choices and evolve.
Example platform
Thanks!
Any questions?
You can find me at:
◇ @d_bones
◇ dbones.co.uk


Editor's Notes

  • #8 Consider how you achieve blue/green deployments, and apply database migrations.
  • #11 This is a generic platform which covers components which are used to devops your solution. Image from dbones.github.io
  • #12 pexels
  • #16 Recommend not to use a CI for deployment.
  • #17 Image from freepik
  • #18 Consider PaaS services. But you have to consider what your application architecture is as well. Microsoft Operations-management-suite <- need to understand more.
  • #19 Consider PaaS services. But you have to consider what your application architecture is as well.
  • #20 Note that these tools cover other sections of the landscape: service discovery, load balancing, etc. Take advantage of the SDN.
  • #21 Very hard
  • #22 Image from pexels
  • #24 http://www.riverbed.com/gb/forms/Riverbed-SteelCentral-named-a-challenger-in-Gartners-2015-Magic-Quadrant-for-APM.html?cid=70133000000e6gh&utm_source=google&utm_medium=cpc&utm_campaign=AppInternals&utm_term=Apm&utm_content=Search%20-%20SteelCentral%20-%20APM%20%20-%20EMEA&gclid=COfDtrGXrs8CFeMy0wod8GAJ2Q
  • #25 Image from dbones.github.io
  • #27 https://freeloadbalancer.com/load-balancing-layer-4-and-layer-7/