CLOUD

ABOUT THESE TRAINING MATERIALS

TRAINING MATERIALS WRITTEN BY ALTER WAY CLOUD CONSULTING
- https://cloud-consulting.alterway.fr (ex Osones)
- Copyright © 2014 - 2019 alter way Cloud Consulting
- License: Creative Commons BY-SA 4.0
- Sources: https://github.com/Alterway/formations/
- HTML/PDF: https://osones.com/formations/

INTRODUCTION

GOALS OF THE TRAINING: CLOUD
- Understand concepts and benefits of cloud
- Know the vocabulary related to cloud
- Overview of cloud market players and focus on AWS and OpenStack
- Know how to take advantage of IaaS
- Be able to decide what is cloud compatible or not
- Adapt system administration and development methods to a cloud environment

CLOUD, OVERVIEW

FORMAL DEFINITION

SPECIFICATIONS
Provide one or more service(s)...
- Self service
- Through the network
- Sharing resources
- Fast elasticity
- Metering
Inspired by the NIST definition: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf

SELF SERVICE
- User goes directly to the service
- No human intermediary
- Immediate responses
- Services catalog for their discovery

THROUGH THE NETWORK
- User uses the service through the network
- The service provider is remote to the consumer
- Network = internet or not
- Usage of standard network protocols (typically: HTTP)

SHARING RESOURCES
- A cloud provides services to multiple users/organizations (multi-tenant)
- Tenant or project: logical isolation of resources
- Resources are available in large quantities (considered unlimited)
- Resource usage is not visible
- Accurate location of resources is not visible

FAST ELASTICITY
- Provisioning and deletion of resources almost instantaneous
- Enables scaling
- Ability to automate these scaling actions
- Virtually no limit to this elasticity

METERING
- Usage of cloud resources is monitored by the provider
- The provider can do capacity planning and billing from this information
- User is therefore billed depending on accurate usage of resources
- User can take advantage of this information

MODELS
- Service models: IaaS, PaaS, SaaS
- Deployment models: public, private, hybrid

IAAS
- Infrastructure as a Service
- Infrastructure:
  - Compute
  - Storage
  - Network
- Target users: administrators (system, storage, network)

PAAS
- Platform as a Service
- Two concepts:
  - Environment to develop/deploy an application (language/framework specific - example: Python/Django)
  - Higher level resources than infrastructure, example: DBMS
- Target users: application developers

SAAS
- Software as a Service
- Target users: end users
- Not to be confused with the economic definition of SaaS

SOMETHING AS A SERVICE?
- Load balancing as a Service (Infra)
- Database as a Service (Platform)
- MyApplication as a Service (Software)
- etc.

SERVICE MODELS IN ONE DIAGRAM
IaaS - PaaS - SaaS (source: Wikipedia)

PUBLIC OR PRIVATE CLOUD?
Who is it for?
- Public: everyone, available on internet
- Private: to an organization, available on its network

HYBRID CLOUD
- Usage of multiple public and/or private clouds
- Attractive concept but implementation is hard a priori
- Some use cases fit perfectly
  - Continuous integration (CI)
- Incentives:
  - Avoid lock-in
  - Cloud bursting

VIRTUALIZATION INSTANT
Let's make it clear.
- Virtualization is a technology that can implement the compute function
- A cloud providing compute resources can use virtualization
- But it can also use:
  - Bare-metal
  - Containers

APIS ARE KEY
- Reminder: API stands for Application Programming Interface
  - In the software sense: Interface for a program to use a library
  - In the cloud sense: Interface for a program to use a service (XaaS)
- Programming interface (through the network, often HTTP)
- Explicit boundary between the provider and the user
- Defines how the user interacts with the cloud to manage their resources
- Manages: CRUD (Create, Read, Update, Delete)

API REST
- One resource == one URI (Uniform Resource Identifier)
- Usage of HTTP verbs to define operations (CRUD)
  - GET
  - POST
  - PUT
  - DELETE
- Usage of HTTP return codes
- Resources are represented in the HTTP responses' body

REST - EXAMPLES
    GET http://endpoint/volumes/
    GET http://endpoint/volumes/?size=10
    POST http://endpoint/volumes/
    DELETE http://endpoint/volumes/xyz

REAL EXAMPLE
    GET /v2.0/networks/d32019d3-bc6e-4319-9c1d-6722fc136a22
    {
      "network": {
        "status": "ACTIVE",
        "subnets": [
          "54d6f61d-db07-451c-9ab3-b9609b6b6f0b"
        ],
        "name": "private-network",
        "provider:physical_network": null,
        "admin_state_up": true,
        "tenant_id": "4fd44f30292945e481c7b8a0c8908869",
        "provider:network_type": "local",
        "router:external": true,
        "shared": true,
        "id": "d32019d3-bc6e-4319-9c1d-6722fc136a22",
        "provider:segmentation_id": null
      }
    }

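The REST conventions above (one resource per URI, HTTP verbs for CRUD, HTTP return codes), combined with the per-tenant isolation that the tenant_id field in the real example reflects, as an added example that is not part of the original training material. The VolumeAPI class, its handle() signature and the tenant names are hypothetical; authenticating the caller is assumed to have happened before handle() is called.

```python
import itertools

class VolumeAPI:
    """Toy /volumes/ endpoint: verbs map to CRUD, every request is tenant-scoped."""

    def __init__(self):
        self._volumes = {}               # id -> {"id", "size", "tenant_id"}
        self._ids = itertools.count(1)

    def handle(self, tenant, method, path, query=None, body=None):
        """Return (HTTP status, response body) for one request from `tenant`."""
        parts = [p for p in path.split("/") if p]
        if not parts or parts[0] != "volumes" or len(parts) > 2:
            return 404, {"error": "no such resource"}
        if len(parts) == 1:              # collection URI: /volumes/
            if method == "GET":          # Read: list only the caller's volumes
                own = [v for v in self._volumes.values() if v["tenant_id"] == tenant]
                if query and "size" in query:
                    own = [v for v in own if str(v["size"]) == query["size"]]
                return 200, {"volumes": own}
            if method == "POST":         # Create: validate input before storing
                size = (body or {}).get("size")
                if type(size) is not int or size <= 0:
                    return 400, {"error": "size must be a positive integer"}
                vol = {"id": f"vol-{next(self._ids)}", "size": size, "tenant_id": tenant}
                self._volumes[vol["id"]] = vol
                return 201, {"volume": vol}
            return 405, {"error": "method not allowed"}
        vol = self._volumes.get(parts[1])    # item URI: /volumes/<id>
        if vol is None or vol["tenant_id"] != tenant:
            # Same answer for "missing" and "someone else's": ids are not an oracle
            return 404, {"error": "not found"}
        if method == "GET":              # Read one
            return 200, {"volume": vol}
        if method == "PUT":              # Update: only the size may change
            size = (body or {}).get("size")
            if type(size) is not int or size <= 0:
                return 400, {"error": "size must be a positive integer"}
            vol["size"] = size           # a tenant_id sent in the body is ignored
            return 200, {"volume": vol}
        if method == "DELETE":           # Delete
            del self._volumes[vol["id"]]
            return 204, None
        return 405, {"error": "method not allowed"}
```
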
WHY CLOUD? ECONOMICAL POINT OF VIEW
- Consider IT resources as service provider resources
- Shift the "investment" budget (Capex) to the "operation" budget (Opex)
- Cut costs by sharing resources, and maybe with economies of scale
- Reduce delivery times
- Match costs to the real usage of resources

WHY CLOUD? TECHNICAL POINT OF VIEW
- Abstract from the lower layers (server, network, OS, storage)
- Get rid of the technical administration of resources and services (DB, firewalls, load-balancing, etc.)
- Design infrastructures which can scale on the fly
- Act on resources through lines of code and manage infrastructures "as code"

MARKET

AMAZON WEB SERVICES (AWS), LEADER
- Started in 2006
- At first: "e-commerce" web services for developers
- Then: other services for developers
- And finally: infrastructure resources
- Recently, SaaS

PUBLIC IAAS ALTERNATIVES TO AWS
- Google Cloud Platform
- Microsoft Azure
- Rackspace
- DreamHost
- DigitalOcean
- In France:
  - Cloudwatt (Orange Business Services)
  - Numergy (SFR)
  - OVH
  - Ikoula
  - Scaleway
  - Outscale

PRIVATE IAAS
- OpenStack
- CloudStack
- Eucalyptus
- OpenNebula

OPENSTACK IN A FEW WORDS
- Was born in 2010
- OpenStack Foundation since 2012
- Written in Python and distributed under Apache 2.0 license
- Large support from the industry and various contributions

PUBLIC PAAS EXAMPLES
- Amazon Elastic Beanstalk (https://aws.amazon.com/fr/elasticbeanstalk)
- Google App Engine (https://cloud.google.com/appengine)
- Heroku (https://www.heroku.com)

PRIVATE PAAS SOLUTIONS
- Cloud Foundry, Foundation (https://www.cloudfoundry.org)
- OpenShift, Red Hat (https://www.openshift.org)
- Solum, OpenStack (https://wiki.openstack.org/wiki/Solum)

INFRASTRUCTURE AS A SERVICE CONCEPTS

BASICS
- Infrastructure:
  - Compute
  - Storage
  - Network

COMPUTE RESOURCES
- Instance
- Image
- Flavor
- Keypair (SSH)

INSTANCE
- Dedicated to compute
- Short typical lifetime, to be considered ephemeral
- Should not store persistent data
- Non persistent root disk
- Based on an image

CLOUD IMAGE
- Disk image containing an already installed OS
- Infinitely instantiable
- Can talk to the metadata API

METADATA API
- http://169.254.169.254
- Available from the instance
- Provides information about the instance
- Exposes userdata
- The cloud-init tool helps take advantage of this API

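Because the metadata API is reachable from the instance and exposes userdata, it is worth auditing your own user data for material that should not sit there in clear text. The following is an added example, not part of the original training material: the /latest/user-data path is the EC2-style one and is assumed to answer a plain GET, and the patterns and sample user data are constructed for illustration.

```python
import re
import urllib.request

# EC2-style path on the address from the slide (assumption: the endpoint
# answers a plain GET; some clouds require a session token first).
USERDATA_URL = "http://169.254.169.254/latest/user-data"

# Constructed heuristics, not an exhaustive secret detector.
PATTERNS = [
    ("credential assignment",
     re.compile(r"(?i)(password|passwd|secret|token|api[_-]?key)\w*\s*[:=]\s*\S+")),
    ("private key", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
]

# Constructed sample user data (cloud-config), not taken from a real instance.
SAMPLE_USERDATA = """#cloud-config
packages:
  - nginx
write_files:
  - path: /etc/app.conf
    content: |
      db_password = example-only
      api_key: EXAMPLE0000
runcmd:
  - systemctl restart nginx
"""

def fetch_userdata(url=USERDATA_URL, timeout=2):
    """Read this instance's own user data; only works from inside an instance."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8", errors="replace")

def audit_userdata(text):
    """Return (line number, finding) pairs without echoing the secret itself."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        for label, pattern in PATTERNS:
            if pattern.search(line):
                findings.append((number, label))
    return findings

if __name__ == "__main__":
    for number, label in audit_userdata(SAMPLE_USERDATA):
        print(f"user data line {number}: {label}")
```

On an instance, pass the result of fetch_userdata() to audit_userdata() instead of the sample.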
FLAVOR
- Instance type in AWS
- Defines an instance model regarding CPU, RAM, disk (root), ephemeral disk
- The ephemeral disk has, like the root disk, the advantage of often being local and thus fast

KEYPAIR
- SSH public key + private key
- Cloud manages and stores the public key
- This public key is used to give SSH access to the instances

NETWORK RESOURCES 1/2
- L2 network
- Network port
- L3 network
- Router
- Floating IP
- Security group

NETWORK RESOURCES 2/2
- Load Balancing as a Service
- VPN as a Service
- Firewall as a Service

STORAGE RESOURCES
Cloud provides two kinds of storage
- Block
- Object

BLOCK STORAGE
- Volumes that can be attached to an instance
- Access to raw devices such as /dev/vdb
- Ability to use any kind of file system
- Ability to use LVM, encryption, etc.
- Compatible with all existing applications
- Requires provisioning space by defining volume size

SHARED STORAGE?
- Block storage is not a shared storage solution like NFS
- NFS is at a higher layer: file system
- A volume is a priori connected to a single host

"BOOT FROM VOLUME"
Starting an instance with its root disk on a volume
- Root disk data persistence
- Gets similar to classical server

OBJECT STORAGE
- API: CRUD on data
- Push and retrieve objects in/from a container/bucket
- No data hierarchy, no directories, no file system
- Read/write access through APIs only
- No provisioning necessary
- Application must be designed to take advantage of object storage

ORCHESTRATION
- Orchestrate creation and management of resources in the cloud
- Architecture definition in a template
- Resources created from a template make a stack
- There are also orchestration tools (rather than services)

USAGE BEST PRACTICES

WHY BEST PRACTICES?
Two different possible views:
- Don't change anything
  - Risk not meeting expectations
  - Limit usage to test & dev use case
- Adapt to new cloud compliant practices to take advantage of it

HIGH AVAILABILITY (HA)
- Cloud control plane (APIs) is HA
- Managed resources might not be

PET VS CATTLE
How to consider instances?
- Pet
- Cattle

INFRASTRUCTURE AS CODE
With code
- Provision infrastructure resources
- Configure said resources, instances in particular
The job is changing: Infrastructure Developer

SCALING
- Scale out rather than Scale up
  - Scale out: horizontal scaling
  - Scale up: vertical scaling
- Auto-scaling
  - Managed by the cloud
  - Managed by an external component

CLOUD READY APPLICATIONS
- Store their data in an appropriate place
- Are architected to be fault tolerant
- Etc.
Cf. https://12factor.net/

BEHIND CLOUD

HOW TO IMPLEMENT A COMPUTE SERVICE
- Virtualization
- (system) Containers
- Bare metal

STORAGE IMPLEMENTATION: SOFTWARE DEFINED STORAGE (SDS)
Warning: not to be confused with the block vs object topic
- Use of commodity hardware
- No hardware RAID
- Software is responsible for the data
- Hardware failures are taken into account and managed
- The Ceph project and the OpenStack Swift component implement SDS
- See also Scality

SDS - CAP THEOREM
Consistency - Availability - Partition tolerance