Preconditions of the European integration Historical antecedents
Software Engineering in the Cloud - IEEE Computer Society€¦ · Software Engineering in the Cloud...
Transcript of Software Engineering in the Cloud - IEEE Computer Society€¦ · Software Engineering in the Cloud...
Software Engineering in the Cloud Diomidis Spinellis Department of Management Science and Technology Athens University of Economics and Business www.spinellis.gr [email protected] @CoolSWEng
Solving the problem in 2015
• The data set IS huge
• Users can be billions
• Hardware advances have not exactly kept pace with data increases
Overview
• Requirements (AWS) • Design • Software construction (Puppet) • Software testing (Nagios) • Software maintenance • Software configuration management • Software engineering management • Software engineering process (Rundeck) • Software engineering methods • Software quality • Software economics
Requirements
• Requirements are system requirements
• Emergent properties are properties
• Requirements allocation typically includes cloud components
Design Strategies
• Existing – Structured (functional) design
– OO design
– Data structure oriented design
– Component based design
• Cloud based design; decide on: – Build / use
– Choose abstraction levels (IaaS, PaaS, SaaS)
– Components
– Requirements to components map
Design Issues • Concurrency must be designed from the beginning
– sharding – replication – …
• Event handling can be outsourced • Data persistence will be on the cloud • Distribution on a planet scale • Fault tolerance, availability zones • Confidentiality and integrity
– trust models, key people – identities and roles (across the stack) – 2FA – risks
• Cloud design patterns
Software Construction: System Configuration Management
• System as software
• Anticipating change (including vendor)
• Reuse
• Management (planning, measurement)
• Quality
• Integration
• Performance analysis
• Tool support
Don’t configure systems by hand
• Modern cloud-based systems are complex
– Many hosts
– Many services
– Many components
• This requires automated configuration
Automate configuration of
• Hosts • Available users and roles • Installed software • Running services • Configuration files • Scheduled tasks • Networking • Storage • Monitoring • Security
Benefits
• Deploy a new host
• Move to a different environment
• Put configuration under revision control
• Track issues
• Repair misconfigured systems
• Executable documentation
Rules
• Covering – Infrastructure
• Networking
• Storage
– Applications
– Services
– Scheduled tasks
• Each rule has – Preconditions
– Postconditions
File example
file {'/etc/postfix/main.cf ':
owner => 'root',
group => 'root',
require => Package["postfix"],
source => 'puppet:///modules/postfix/main.cf'
}
Service example
service { 'postfix':
require => [
Package['postfix'],
File['/etc/postfix/main.c
f'],
],
enable => 'true',
ensure => 'running',
}
Building up
• Modules
• Nodes
• Inheritance
• Client-server configuration
• Puppet Forge
– 3,658 modules
Example modules
• vcsrepo • firewall (iptables) • apache • mysql, postgresql, sqlserver • ntp • java • Tomcat • registry • aws
Example module use
apache::vhost { 'wsgi.example.com':
port => '80',
docroot => '/var/www/pythonapp',
wsgi_application_group => '%{GLOBAL}',
wsgi_daemon_process => 'wsgi',
wsgi_daemon_process_options => {
processes => '2',
threads => '15',
display-name => '%{GROUP}',
},
wsgi_import_script => '/var/www/demo.wsgi',
wsgi_import_script_options =>
{ process-group => 'wsgi', application-group => '%{GLOBAL}'
},
wsgi_process_group => 'wsgi',
wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' },
}
Test Techniques
• Existing – Based on software engineer’s experience – Input domain – Code-based – Fault-based – Model-based
• Cloud System – Continuous monitoring – Arm’s length relationship with vendor – At multiple levels
• Infrastructure • Middleware, • Software
Nagios specifications
• Objects – services
– commands • notifications (email, issue, SMS)
• host check
• service check
– contacts
– hostgroups
– templates
• Servers
Server specification
define host {
use linux-server
host_name ldap
alias LDAP
address ldap.example.com
contact_groups admins
icon_image ldap.png
statusmap_image ldap.gd2
}
Service specification define service {
hostgroup_name basic
host_name github
service_description ssh
check_command check_ssh
use flappy-service
}
define service {
hostgroup_name basic
service_description AMI updates
check_command check_nrpe!check_ami
use generic-service
}
define service {
hostgroup_name basic
service_description EC2 DNS server
check_command check_nrpe!check_dns_server
use generic-service
}
Command specification define command{
command_name check_local_disk
command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p
$ARG3$
}
define command{
command_name check_local_load
command_line $USER1$/check_load -w $ARG1$ -c $ARG2$
}
define command{
command_name check_http
command_line $USER1$/check_http -I $HOSTADDRESS$
$ARG1$
}
NRPE script #!/bin/bash
#
# Check if there are AWS Linux updates
#
if grep 'security update' /etc/motd >/dev/null
then
echo "AMI CRITICAL: `grep 'security update' /etc/motd`"
exit 2
fi
if grep 'update' /etc/motd >/dev/null
then
echo "AMI WARNING: `grep 'update' /etc/motd`"
exit 1
fi
echo "AMI OK: Last update: `stat --printf=%z
/var/cache/yum/x86_64/latest/amzn-main/packages/`"
exit 0
Nagios Plugins
• Anti-Virus • Backup and Recovery • Business Management and Logic • Cloud • Clustering and High-Availability • CMS and Blog Software • Databases • E-Commerce, Billing and Financial • Email and Groupware • Games • Grid Computing • Hardware • Helpdesk and Ticketing • Instant Messaging • Internet Domains and WHOIS • Inventory Management • Java Applications and Servers • License Management
• Log Files • Network and Systems Management • Network Connections, Stats and Bandwidth • Network Protocols • Notifications • Operating Systems • Others • Printing • Remote Access • Reporting • Security • Software • System Metrics • Telephony • Uncategorized • Videoconferencing • Web 2.0 Services • Web Servers • Websites, Forms and Transactions
Maintenance Techniques
• Comprehension and reverse engineering
– Cloud vendor configuration
• Reengineering and migration
– Cloud vendor tie-in
“Don't let yourself get attached to anything you are not willing to walk out on in 30 seconds flat if you feel the heat around the corner. ”
Configuration Management
• Control the system, not the software
• Determine the scope, what will be controlled
• Working on branches
• Dealing with legacy / own packages
Software Engineering Management
• Deliverables
• Risk management (including Cloud vendor)
– Hidden collocation risks
• Quality management
• Contract management of SaaS, IaaS
– Dealing with Cloud boilerplate
Software Engineering Process
• Handling of Cloud resources
• Involvement of operations personnel
• Automate operation processes
• Manage through workflow automation
Rundeck
• Workflow automation tool
• Operations management
• Operations procedures become self-service jobs
• Control
• Visibility
Software Engineering Methods
• Dynamic real-time preconditions, postconditions, invariants
• Information, behavioral, structure modeling at Cloud scale
• Analysis
– Completeness, consistency, correctness touch
– Dependencies (tractable)
• Formal methods at infancy
Software Engineering Economics
• Cloud costing options
– On demand, long-term, spot
• Depreciation, cash-flow, TVM
• Addressing uncertainty through elasticity
• Portfolio and scale effects
Cloud Software Engineering
• Requirements • Design • Construction • Testing • Maintenance • Configuration management • Software engineering management • Software engineering process • Software engineering methods • Software quality • Software economics
Examined Tools
• AWS for cloud components
• Puppet for system configuration management
• Nagios for system monitoring
• Rundeck for operations workflow automation
Image Credits
• Wgsimon (Moore’s Law)
• Guiding light (Node length)
• Rajiv.Pant derivative work: Wylve (DevOps)
• PiccoloNamek (Cirrus clouds)
• Visitor7 (Data center)
• Diglinks (Nagios)