GOTO Amsterdam 2015: A Cloud Infrastructure for Scaling Innovation Across Autonomous Teams

This talk sheds light on how Zalando, Europe’s leading ecommerce platform for fashion, has developed an architecture and a set of open source cloud tools that scale as its technology team (100 autonomous engineering teams and counting) grows and evolves. It also describes the challenges regarding compliance and innovation that teams of our size face, and how we built our cloud infrastructure on top of AWS and Docker to manage these challenges.

http://gotocon.com/amsterdam-2015/presentation/A%20Cloud%20Infrastructure%20for%20Scaling%20Innovation%20Across%20Autonomous%20Teams

  1. A Cloud Infrastructure for Scaling Innovation Across Autonomous Teams henning.jacobs@zalando.de / @try_except_ GOTO Amsterdam 2015
  2. ARCHITECTURE RADICAL AGILITY ABOUT US HISTORY INFRASTRUCTURE AGENDA
  3. Henning Jacobs ● STUPS Hacker ● Twitter: @try_except_ ● henning.jacobs@zalando.de ABOUT ME
  4. 15 countries 3 fulfillment centers 15+ million active customers 2.2+ billion € revenue 2014 130+ million visits per month 8.000+ employees ONE OF EUROPE’S LARGEST ONLINE FASHION RETAILERS Visit us: tech.zalando.com
  5. A BRIEF HISTORY OF ZALANDO TECHNOLOGY
  6. A BRIEF HISTORY OF ZALANDO TECH
  7. ZALANDO PLATFORM
  8. ~70% of all applications WAR deployment Single deployment tool On-premise data center MAIN PRODUCTION STACK SINCE 2010
  9. Platform THE CHALLENGE Platform team request servers deploy
  10. Platform THE CHALLENGE 80+ delivery teams Platform team deploy request servers request storage
  11. RADICAL AGILITY
  12. GOAL DELIVER AMAZING PRODUCTS EFFICIENTLY AT SCALE, AND FEELING GREAT ABOUT IT.
  13. 3 PRINCIPLES
  14. PURPOSE
  15. AUTONOMY
  16. MASTERY
  17. LEADERSHIP FROM CONTROL & COMMAND TO PURPOSE AND TRUST
  18. NEW LEADERSHIP DELIVERY LEAD PEOPLE LEAD
  19. ARCHITECTURE AN ARCHITECTURE FOR INNOVATION
  20. API FIRST
  21. REST
  22. SAAS
  23. MICRO SERVICES
  24. CLOUD
  25. STUPS STUPS To Unleash Penguin Swarms
  26. AWS STUPS DOCKER DEPLOY SSH ACCESS AUDIT REPORTS FULL AWS ACCESS A PLATFORM ON TOP OF AMAZON WEB SERVICES
  27. AUTONOMY AND COMPLIANCE STUPS offers maximum freedom for developers while enabling near-real-time audit compliance for every single application.
  28. One AWS account per Team Deployment with Docker Managed SSH Access REST/OAuth 2.0 mandatory Supports Traceability of Changes STUPS IN A NUTSHELL
  29. Public Internet *.foo.example.org *.bar.example.org Team “Foo” Team “Bar” ELB ELB EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance Data Center LB EC2 Instance EC2 Instance Legacy Instances ISOLATED AWS ACCOUNTS
  30. DEPLOYMENT
  31. IMMUTABLE STACKS
  32. AWS DEPLOYMENT WITH SENZA Senza CLI Pier One docker pull docker push Taupage
  33. SENZA: DEFINITION YAML
  34. SENZA: BOOTSTRAP NEW CLOUD FORMATION STACK
  35. SENZA: MANAGE STACKS
  36. LOGGING
  37. APPLICATION LOGS: TAUPAGE SUPPORTS LOGENTRIES AND SCALYR
  38. SSH ACCESS
  39. SSH ACCESS: TIME-LIMITED ACCESS TO ANY TEAM SERVER
  40. MONITORING
  41. TODO: Screenshot ZMON
  42. ZMON APPLIANCE *.foo.example.org *.bar.example.org Team “Foo” Team “Bar” EC2 Instance EC2 Instance EC2 Instance EC2 Instance ZMON Appliance ZMON Appliance KairosDB EC2 Instance EC2 Instance ZMON Controller ELB ELB
  43. HYSTRIX TURBINE
  44. FULLSTOP: REPORT VIOLATIONS
  45. OAUTH
  46. OAUTH: APPLICATION REGISTRATION IN YOUR TURN
  47. OAUTH: CREDENTIAL DISTRIBUTION VIA S3 BUCKETS AWS YOUR TURN get access token Taupage Kio Mint OAuth Provider store passwords get password S3 rotate passwords
  48. STUPS Frontpage http://stups.io STUPS Documentation http://docs.stups.io GitHub Repositories https://github.com/zalando-stups Trying out Senza and Taupage http://docs.stups.io/en/latest/user-guide/standalone-deployment.html LINKS
  49. QUESTIONS? http://stups.io @try_except_
  50. BACKUP
  51. STUPS COMPONENTS
  52. ● ELB for inbound traffic ● NAT instances for outbound ● HTTPS Only ● Internal subnets for app instances DMZ DMZ DMZ internal internal eu-west-1a eu-west-1b eu-west-1c ELB EC2 internal EC2 NAT STUPS: AWS ACCOUNT VPC SETUP
  53. Pier One Docker Reg. build approve EC2 Instances Docker Container Application “myapp” issue_management: Jira Application Version “1.0” artifact: docker/myart:1.0 Taupage AMI Ticket System Kio Application Registry Ticket System SCM Image “docker/myart:1.0” commit: afb123 Issue “ABC-123” spec: [...] Commit “afb123” msg: ABC-123.. ✓ specs approved ✓ artifact tested ✓ artifact approved STUPS: TRACEABILITY
  54. ZALANDO TECH CONSTITUTION PT. 1
  55. ZALANDO TECH CONSTITUTION PT. 2
