seong-bok-lee
Contents
• PaaS
• Cloud Foundry
• HPE Helion Stackato
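What is PaaS?
• An application/software development platform (web-based) optimized for IaaS environments
• A kind of cloud middleware that packages the tools, functions and services needed for application/software development
  o OS, development tools, frameworks, languages, BPM, EAI, configuration management, compilers, data management, security, version control, rollback, provisioning, caching
  o Includes these together with the functions that connect and integrate them, so it has a complex architecture
Let developers concentrate on development alone!
• IT resources are always provided in a serviceable state (i.e., hosted = ready to use).
• Development and delivery are possible in the cloud
• IT resources can be used through self-service or APIs (= provided as an abstraction)
Classification of cloud services
Classification by who holds management authority over the IT resources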
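Platform-as-a-Service (PaaS)
Cloud-enabled automation and orchestration of app services and containers
SERVICE UNIT
• Application services (e.g., messaging) and containers (e.g., Redhat, tcServer, Weblogic)
ABSTRACTION TARGET
• Physical infrastructure, OS, middleware, runtime
PRIMARY USE CASE
• Provide standard applications and containers to developers and testers
• Dynamically manage infrastructure resources that support horizontal scaling and bursting capability
ADVANCED USE CASE
• Test automation (performance, functional, security, regulatory compliance, etc.)
• Integration with continuous integration (CI) and deployment systems
TOOLS
• Cloud Foundry
• vSphere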
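Background to the spread of PaaS
Application deployment is changing as applications grow larger and DevOps becomes necessary
1. Need to manage a rapidly changing development environment
• Automated development and deployment environments
• Fast response to business requirements
2. Increasingly complex middleware
• Difficulty building and operating the many middleware products involved (development tools, management tools, deployment tools, etc.)
• Difficulties with operations engineers, licenses and learning for that many middleware products
3. Allocation of computing resources
• Securing the required resources takes longer when project scope grows, applications are added, and so on
• Growth of cross-platform environments
4. Increased collaboration
• Issues with organizationally and geographically distributed development environments: tracking progress, collaboration, etc.
<Source: “PaaS : 클라우드도입효율의완성” (“PaaS: Completing the Efficiency of Cloud Adoption”), 장진영>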
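Functions of PaaS
Functions or services that PaaS provides / should provide
• Hosted software configuration management service
• Build service
• Web application server
• Framework service
• Model platform service
• Component as a Service (CaaS)
• Integration platform service
• Database service
• Testing and automation tools
• Performance analysis tools
• Development-test-production automation
• Monitoring and notification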
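Functions of PaaS (detail)
Hosted software configuration management service
• Manages the versions and modules of the code produced during development: code is kept in an online repository (e.g., GitHub)
• Makes it easy to replicate the development environment, i.e. the developer's virtual development machine -> temporary workloads for development and testing can be configured identically to production, so whatever is to be tested can be built immediately from the source repository.
Build service
• Manages the process of integrating services, compiling code and testing to produce an application
• Applications depend on many modules (or libraries); the PaaS build service manages the versions and dependencies of these modules to automate the build
  o Maven: used mainly by Java developers; manages the dependencies between modules in an application to automate the build
  o Maven Repository: an online repository that manages the dependencies, directories, etc. of software components (modules) based on metadata
Web application server
• Lets developers quickly and easily test the applications they build in an environment as close to real as possible (= a simulated runtime environment)
• Dynamically creates and provides a development machine when a developer requests one
Framework service
• Builds a consistent application structure <- development rests on stable, tested base software modules
• No need to configure and install the framework every time
• A PaaS provider can offer frameworks such as the following:
  o Server frameworks such as Spring and Play Framework; Web 2.0 UX frameworks such as X-Forms, Responsive Forms, Web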
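Functions of PaaS (detail)
Model platform service
• A cloud-service form of middleware that supports model-based application integration such as BPM, business rule management (BRE) and BI
• Consumers configure the tenant-specific parts of an application themselves through self-service
• Provides process editors, form editors, rule editors, etc. that business experts can use directly, giving a level of abstraction at which non-developers can manage the application's configuration
• Afterwards, consumers can easily manage the business rules and processes of the applications they have acquired through self-service, and have the autonomy to pull the reports they want through the user tools of the given BI platform.
Component as a Service (CaaS)
• Provides software components in hosted form. Has a high SOA maturity, with a high level of componentization
• Software components are easy to expose as Open APIs (RESTful services, web services, XML services, etc.) and can be dynamically bound and integrated at any time
• Easy for business users to handle, as with process orchestration
• Because it must withstand workloads with very frequent calls, it uses OSGi, a lightweight and powerful SOA implementation platform, or JAX-RS or Node.JS, which offer lower modularity but support RESTful services at the language level
Integration platform service
• Makes integration with existing services and systems easy
• Provides interface services (API, EAI, BPM, Presentation Mashups, etc.)
  o Applications within the cloud service can easily integrate screens, services and data as needed (ACID transactions are guaranteed, or interoperation is guaranteed through message queues, etc.)
  o Also links with services, or unit screens of services, provided by clouds on other networks
  o High-level service integration based on the 'service-oriented architecture' SOA maturity model
Database service
• Configures and provides a large, complex database similar to the production environment for testing
• For example, if a cluster of 10 MySQL databases is to be used by the application, simply specifying this development environment in self-service in a web browser builds the sandbox environment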
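Functions of PaaS (detail)
Testing and automation tools
• Supports automation of UI testing and load testing services
  o Jenkins: the most widely used continuous integration (CI) server. It pulls the source code, calls Maven to run the build, and automatically runs tests, static code analysis, etc. through a wide range of plugins
  o Selenium: automates UI testing across many kinds of web browsers
  o Sonar: automates reporting of feedback on code quality
Performance analysis tools
• Provides performance analysis tools such as production profiling and load testing, which by themselves demand a large machine and network setup for testing
  o SOASTA: builds a cluster of cloud machines and generates real user load to test the application (client type and count, geographic location, load pattern, etc. can be specified)
  o New Relic: monitors end-user behavior and server behavior; used to find bottlenecks
Automation services from development to test and from test to production
• Cloud applications can be updated without disrupting service operation
• For example, when a new version of a service has to be applied to a service that users are already using, it supports a more seamless development, testing and deployment process (= minimizes loss of service uptime)
• Has a built-in session store so that this data is kept automatically during updates
Monitoring and notification service
• Provides a dashboard that monitors the PaaS environment and its performance from every perspective that affects productivity
• Service status can be monitored against SLAs
• Operators are alerted automatically when an external attack is detected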
Functional architecture of PaaS
Composition of the functions (or services) that the PaaS provider offers and manages
<Source: Gartner, 2011.9>
[Figure: PaaS reference architecture, with areas marked User Control and Provider Control]
PaaS Services (API & Tools)
• Application Platform
• Integration Platform
• Business Process Management Platform
• Cloud Database Platform
• User Experience Platform
• Other..
• Integrated Application Development and Life Cycle Management
• Integrated Platform Service Management (Self-service)
PaaS Technology Base
• Cloud Foundation: Shared Resources, Multi-tenancy, Self-service, Elasticity, Continuous Versioning, Metadata Management, Subscription/Use Billing
• Performance Foundation: In-memory Computing, Grid/Massive Scale, Autoscaling, SLA Enforcement, Use Tracking, High Availability, Security, Data Integrity, Parallel Processing
• Platform Technology Management: Monitoring, Tuning, Administration, Version Control, Resource Control
Composition of the functions (or services) that the PaaS provider offers and manages
<Source: Wikibon, 2015>
[Figure labels: PaaS Platform – the area visible to developers; management/service area]
• Marketplace / Image Management
• Configuration Management
• Application Scheduling
• Container Scheduling
• Service Discovery
• Container Networking
• Container Cluster Management
• Security
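Types of PaaS 1
Classification by service scope and delivery method (Forrester)
1. Hybrid: integrated development environment (IDE) + cloud deployment capability
• Uses existing IDEs (Eclipse, Visual Studio, etc.) as they are -> high usability
• Includes the ability to deploy to the cloud: code on the local machine and deploy in the cloud
• Solutions: Google's AppEngine, Pivotal's Cloud Foundry, Redhat's OpenShift, etc.
2. 100% cloud: both development and deployment in the cloud
• Web-browser-based development environment: apps can be developed and deployed with nothing but web access (no development environment needed)
• Lower ease of use, functionality and productivity than development IDE solutions
• Solutions: Google's GoogleScript, Exo's CodeEnvy, 구름IDE, OCE's 유클립스 (Korean-made)
3. For business experts
• Develop applications with no coding or minimal coding -> designed to be easy for business experts to use
• OpenText's Cordys: provides a BPM platform, form/UI designer, rule definition, process definition, SOA publishing, integrated development tools, etc. (= BPM PaaS platform)
• Salesforce.com's Apex: provides a cloud IDE, process designer, rule designer and form designer
4. Execution-only, without an integrated development environment (IDE)
• Does not provide an integrated development environment
• Lets the application to be deployed interface with a source control server or similar so that it can be deployed
<Source: “PaaS : 클라우드도입효율의완성” (“PaaS: Completing the Efficiency of Cloud Adoption”), 장진영>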
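Types of PaaS 2
Classification by vendor lock-in (Forrester)
1. PaaS tailored to a specific SaaS environment
• Provides APIs, development tools and middleware for accessing the vendor's own SaaS service
• On this basis, SaaS access + development of new applications is possible
• Salesforce.com's Force.com: SFDC can be accessed through Force.com
2. PaaS tied to an OS environment
• MS Azure platform: provides the Windows platform and SQL Server as an abstraction
• AWS's Beanstalk: easy deployment and management in the AWS cloud
3. PaaS based on an open platform
• Provides open processes and environments that are not tied to a specific cloud environment
• Cloud Foundry: led by Pivotal; supports the build-deploy-operate process
• OpenShift: Red Hat
• CloudBees: Java PaaS platform; supports build/test/operations/management
• OCE (Open Cloud Engine): Korean-made solution, compliant with Java standards; made up of the CUBRID DBMS / uEngine BPMS / Flamingo big data platform / Netra orchestrator
<Source: “PaaS : 클라우드도입효율의완성” (“PaaS: Completing the Efficiency of Cloud Adoption”), 장진영>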
Benefits for Enterprise
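Benefits for Developers
Because developers do not have to worry about provisioning, managing and monitoring compute, storage, network and software,
• Removes the complexity of the IT environment
  o Compilers, development tools, data management, security, middleware, etc. are provided as abstractions, so there is no need to know the infrastructure in detail
  o Various services are provided as functions: versioning, rollback, deployment automation, backup and recovery, etc.
• Greater convenience and productivity in application development
  o A working prototype can be created in a few minutes
  o Creating a new version or deploying new code is faster
  o Services can be self-assembled into a single application
• Easy service provisioning
  o Standardization of the application lifecycle (development, build, test, configuration management, etc.)
  o Self-service or automation
• Improved control over IT resources
  o Resource sharing, resource management through self-service, automatic release of unneeded resources, etc.
• Improved collaboration by changing how resources are developed and operated
  o Visibility into the software development process
  o Expanded collaboration space – GitHub, etc.
<Source: “PaaS : 클라우드도입효율의완성” (“PaaS: Completing the Efficiency of Cloud Adoption”), 장진영>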
Open Source, Cloud Foundry, HPE Helion
HPE Helion is
• a portfolio of open-source software and integrated systems for enterprise cloud computing.
• HPE Helion is based on open-source technology, including OpenStack and Cloud Foundry.
HPE Helion OpenStack
• A commercialized version of the OpenStack cloud computing project
• Cloud28+, the cloud service catalog sponsored by HPE, is included in HPE Helion OpenStack
HPE Helion Stackato
• A Platform as a Service (PaaS) solution based on Cloud Foundry, usable on OpenStack, AWS, VMWare and Azure.
HPE Helion CloudSystem
• HPE Helion OpenStack (IaaS) + HPE Helion Stackato (PaaS) + HPE Proliant server
HPE Helion Eucalyptus
• A platform for building cloud environments based on the open-source Eucalyptus, compatible with AWS
• It allows AWS applications to be moved on-premises with no modification to the workload, design patterns, or mindset.
<Source> Wikipedia
Cloud Foundry
Cloud Foundry is the industry’s Open PaaS and provides a choice of clouds, frameworks, and application services. Its unique vision is to foster contributions from a broad community of developers, users, customers, partners, and ISVs while advancing development of the platform at extreme velocity. - cloudfoundry.org
Why Cloud Foundry Technology?
Business Agility
Multi-cloud deployments
Industry-Standard
High-quality code interoperability
Stackato is a commercial version based on Cloud Foundry, the open-source PaaS
Cloud Foundry architecture – DEA Architecture
Platform is abstracted as a set of large-scale distributed services
Components are dynamically discoverable and loosely coupled
Use Cloud Foundry Bosh to operate the underlying infrastructure from the IaaS provider
Uses a dynamic router to shape and route all traffic and orchestrate load balancing
Droplet Execution Agents(DEAs) are responsible for the app lifecycle.
Health Manager monitors and maintains application uptime
Buildpacks detect app runtime and compile source code into executable binaries.
Cloud Foundry architecture – DEA Architecture
Type of Services
• Accounts for a SaaS application
• Database on a multi-tenant server
• DBaaS
Easily provision instances
• Database choice is left to the developer: multiple SQL and NoSQL options
• Minimal configuration required
How it Works
• Adding a service provisions an instance of that service
• The service broker handles the communication between CF and that service
• Service processes run on Service Nodes or with external as-a-service providers
Cautions
• Avoid writing to the local file system
  o Files disappear after app restart
  o Instances of same app do not share LFS
• Session data should be stored in CF service
• Design as if app can be restarted, destroyed, start at any time.
Austin Cloud Foundry PaaS Meetup 2/24/15

Component: Router
How It Works
• Distributes all external system traffic (HTTP/API) and the application traffic coming in from the internet/intranet to the Cloud Controller or to the applications running on Diego Cells
• Periodically queries the BBS to find the cells and containers in which applications are running, and updates the routing table with the IP address of each cell's VM and the host-side port number of the cell container
Responsible for
• Load balancing
• Maintaining an active routing table
• Access logs
• Supports web-sockets

Component: Cloud Controller
How It Works
• The Cloud Controller maintains command and control systems, including interface with clients (CLI, Web UI, Spring STS), account and provisioning control.
• It also provides RESTful interface to domain objects (apps, services, organizations, spaces, service instances, user roles, and more).
Responsible for
• Expected App state, state transitions, and desired convergence
• Permissions/Auth Orgs/Spaces/Users
• Services management
• App placement & deployment
• Auditing/Journaling and billing events
• Records of orgs, spaces, user roles, services, etc.

Component: Health Manager
How It Works
• Health Manager monitors application uptime by listening to the NATS message bus for mismatched application states (expected vs. actual).
• The Cloud Controller publishes expected state and the DEAs publish actual state.
• State mismatches are reported to the Cloud Controller.
Responsible for
• Maintains the actual state of apps
• Compares to expected state
• Sends suggestions to make actual match expected (cannot make state changes itself – only CC can do that!)
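
The expected-versus-actual comparison described for the Health Manager, as an added example that is not part of the original slides and is not Cloud Foundry's own code. The heartbeat fields, the 30-second freshness window and the sample data are assumptions constructed for illustration.

```python
"""Health Manager style comparison of expected and actual app state.

Added illustration only: field names, the freshness window and the sample
data below are assumptions, not Cloud Foundry's message formats.
"""
from dataclasses import dataclass

HEARTBEAT_TTL = 30.0  # seconds a heartbeat stays valid (assumed value)


@dataclass(frozen=True)
class Heartbeat:
    """One instance report, as a DEA might publish it on the message bus."""
    app: str
    index: int
    state: str       # "RUNNING" or "CRASHED" in this example
    dea: str
    seen_at: float   # receive time in seconds


def actual_state(heartbeats, now, ttl=HEARTBEAT_TTL):
    """Newest heartbeat per (app, index); instances gone silent are dropped."""
    newest = {}
    for hb in heartbeats:
        key = (hb.app, hb.index)
        if key not in newest or hb.seen_at > newest[key].seen_at:
            newest[key] = hb
    return {k: hb for k, hb in newest.items() if now - hb.seen_at <= ttl}


def suggestions(expected, heartbeats, now, ttl=HEARTBEAT_TTL):
    """Return (action, app, index) tuples for the Cloud Controller.

    expected maps app -> {"state": "STARTED" | "STOPPED", "instances": n}.
    Nothing is started or stopped here: as on the slide, the Health Manager
    only reports mismatches and the Cloud Controller decides.
    """
    actual = actual_state(heartbeats, now, ttl)
    running = {}
    for (app, index), hb in actual.items():
        if hb.state == "RUNNING":
            running.setdefault(app, set()).add(index)

    out = []
    for app in sorted(expected):
        want = expected[app]
        started = want["state"] == "STARTED"
        wanted = set(range(want["instances"])) if started else set()
        have = running.get(app, set())
        out += [("start", app, i) for i in sorted(wanted - have)]
        out += [("stop", app, i) for i in sorted(have - wanted)]
    # Instances of apps the Cloud Controller has no record of are reported
    # too: nothing should keep running that the expected state cannot explain.
    for app in sorted(set(running) - set(expected)):
        out += [("stop", app, i) for i in sorted(running[app])]
    return out


# Constructed sample data.
SAMPLE_EXPECTED = {
    "web": {"state": "STARTED", "instances": 3},
    "worker": {"state": "STOPPED", "instances": 1},
}
SAMPLE_HEARTBEATS = [
    Heartbeat("web", 0, "CRASHED", "dea-1", 90.0),     # superseded below
    Heartbeat("web", 0, "RUNNING", "dea-1", 100.0),
    Heartbeat("web", 1, "CRASHED", "dea-2", 100.0),
    Heartbeat("web", 2, "RUNNING", "dea-2", 50.0),     # stale at now=105
    Heartbeat("web", 3, "RUNNING", "dea-3", 100.0),    # one more than expected
    Heartbeat("worker", 0, "RUNNING", "dea-1", 101.0),
    Heartbeat("ghost", 0, "RUNNING", "dea-3", 102.0),  # unknown to the CC
]

if __name__ == "__main__":
    for action in suggestions(SAMPLE_EXPECTED, SAMPLE_HEARTBEATS, now=105.0):
        print(action)
```

An instance whose last heartbeat is older than the window is treated as not running, so a DEA that has gone silent produces "start" suggestions for the instances it hosted.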

Component: UAA & Login Servers
How It Works
• Identity management: identity, security and authorization services
• party OAuth management
• Components: UAA Server, Command Line Interface, Library.
Responsible for
• Token Server
• ID Server (User management)
• OAuth Scopes (Groups) and SCIM
• Login Server UAA Database
  Supports SAML and Active Directory using the VMware SSO Appliance
• Access auditing

Component: DEA
How It Works
• “Droplet Execution Agents” are secure, fully isolated containers
• DEAs are responsible for the application lifecycle: building, starting and stopping Apps as instructed.
• They periodically broadcast messages about their state via the NATS message bus.
Responsible for
• Managing Linux containers (Warden)
• Monitoring resource pools: Process, File system, Network, Memory
• Managing app lifecycle
• App log and file streaming
• DEA heartbeats (NATS to CC, HM)

Component: Warden
How It Works
• Low-level manager and API protocol on each VM for creating, configuring, destroying, monitoring, and addressing application containers
Responsible for
• Linux only

Component: Blobstore
How It Works
• Store for large binary files
• Can be set up on an internal server or on external storage such as S3
Responsible for
Files stored
• Application code packages
• Buildpacks
• Droplets

Component: Service Broker
How It Works
• Service Brokers provide an interface for native and external 3rd party services.
• Service processes run on Service Nodes or with external as-a-service providers (e.g., email, database, messaging, etc.).
• Provides a service instance when a service is provided to an application or bound to an application
Responsible for
• Advertising service catalog.
• Makes create/delete/bind/unbind calls to service nodes.
• Requests inventory of existing instances and bindings from cloud controller for caching, orphan management.
• SaaS marketplace gateway.
• Implemented as HTTP endpoint, written in any language.

Component: BuildPacks*
How It Works
• Buildpacks are Ruby scripts that detect application runtimes/frameworks/plugins, compile the source code into executable binaries, and release the app to an assigned DEA.
• Runtime components can be cached for faster execution of subsequent app pushes.
Responsible for
• Staging*
  o /bin/detect
  o /bin/compile
  o /bin/release
• Configure droplet
  o Runtime (Ruby/Java/Node/Python)
  o Container (Tomcat/Liberty/Jetty)
  o Application (.WAR, .rb, .js, .py)

Component: UPSI
How It Works
• User Provided Service Instances (formerly “Service Connectors”)
• Stores metadata in the Service Broker so that CF can connect to local services it does not manage (e.g., Oracle DB, DB2, SQL Server)
Responsible for
• Metadata management

Component: NATS Message Bus
How It Works
• a lightweight publish-subscribe and distributed queueing messaging system, for internal communication between components.
Responsible for
• Communication between internal components

Component: Metrics Collector
How It Works
• Gathers metrics and statistics from each component
Responsible for
• Monitoring the CF deployment

Component: Loggregator (Log aggregator)
How It Works
• streams application logs to developers
Responsible for
• Log collection

(*) Cloud Foundry Buildpacks are compatible with Heroku
The platform for the agile enterprise
HPE Helion Stackato
HPE Helion's Values and Strategy
Consistency
Confidence
Choice
“The right solution for your cloud journey”
• Common platform across hybrid environment
• Best-in-class portfolio of solutions & services
“A trusted partner who knows your business”
• Enterprise & open source heritage
• One hand to shake – HPE One Stop Shop
• Recognized leader in hybrid cloud
“The cloud your way”
• No vendor lock-in, open, standards-based
• Multiple delivery models
• Heterogeneous
Open
Enterprise grade
Hybrid
HPE Helion portfolio
Application deployment before HPE Helion Stackato
[Figure labels: Development, IT/Ops, Staging, Testing, Production]
Application deployment after HPE Helion Stackato
How it works: HPE Helion Stackato Architecture
HPE Helion Stackato
HPE Helion Stackato – Cloud Foundry™
HPE Helion Development Platform: Architecture v2.0
HPE Helion Stackato
Consists of the following five platform services
1. Helion Control Plane (HCP): The underlying core Platform Service that HPE Helion Stackato uses to manage service lifecycles and communicate with the underlying cloud Providers (IaaS).
2. Helion Service Manager (HSM): A service that provides repository of services that can be used by applications.
3. Helion Cloud Foundry (HCF): A Cloud Foundry certified elastic runtime that simplifies cloud native application development and hosting.
4. Helion Code Engine (HCE): A continuous delivery service that integrates with public or private Git repositories. HCE is a flexible and extensible Continuous Integration/ Continuous Development (CI/CD) pipeline.
5. HPE Helion Stackato Console (HSC): A web interface used to manage HCF and HCE features.
[Figure labels: Developer, Admin; Platform Services: Stackato Web console, Code Engine, Cloud Foundry, Service Manager, Helion Control Plane]
“HPE Helion Stackato is platform for deploying and hosting Cloud-Native applications and managing application services.”
HPE Stackato : Control Plane
[Figure labels: Developer, Admin; Platform Services: Stackato Web console (HSC), Code Engine (HCE), Cloud Foundry (HCF), Service Manager (HSM), Helion Control Plane (HCP)]
• Currently a Debian package.
• Lays the foundation for how Stackato talks to the underlying infrastructure. It talks to the underlying IaaS through Terraform providers that we control programmatically. This gives us the ability to create and stand up an environment. On top of that we run a container host, Ubuntu 14.04.
• Once the Ubuntu host is up, we bring up the service lifecycle manager that manages the lifecycle of containers. The underpinning is Kubernetes.
• Operators and customers do not see this; it is abstracted away from them.
• Everything that we host and run at the bottom layer is a manifested container, and it is managed through Kubernetes.
HPE Stackato CI/CD: Helion Code Engine
• Code Engine is the CI/CD pipeline
  o Changed the engine underneath – Concourse engine
  o It is a workflow engine – a workflow of containers
  o Cool thing about it – we support all the languages that are in Cloud Foundry
  o Implemented as build containers – adding languages/runtimes
HPE Stackato Runtimes: Helion Cloud Foundry
[Figure labels: DEVELOP, MANAGE, RUN]
• Stackato was a derivative – first commercial product to make enterprise grade
• Build with community or build as extension
  o It provides the standard capabilities that CF core provides
  o Polyglot environment based around buildpacks
  o The same buildpack structure shows up in Code Engine as part of the builder containers in the pipeline
HPE Stackato : Service Management
[Figure labels: Universal Service Broker, Service Manager (HSM), HPESW services]
Universal Service Broker
Service Manager
Connect to
HPE Stackato : Web Console
Single user experience
Diagram of the relationships between Helion Stackato components
Helion Stackato Architecture
[Figure labels: OPERATORS, DEVELOPERS, CUSTOMER’S, HPE’S]
Differences from Cloud Foundry
• HPE Helion Stackato provides an administrator UI – makes deploying and managing applications easy
  o CF is command line only
• HPE Helion Stackato uses Docker container technology to run (launch) applications
• Additional application runtimes and services
  o Native .NET support, PHP, Python, Perl
• Technical support is included in the pricing model
  o World-class, global technical support available to help with deployment & configuration.
• Easy setup & install
  o 100% BOSH free, so setting up & keep running HPE Helion Stackato is easy and fast
• HPE Helion Stackato is based on the trunk version of Cloud Foundry
  o HPE is committed to driving enterprise features back to the community (see our recent .NET support announcement).
Customer requests
Why HPE Helion Stackato?
Differences from other solutions
Pivotal Cloud Foundry
• Lacks OpenStack support
  o Messaging and Database Services not supported on OpenStack, installing PCF on OpenStack requires pro serv engagement
• More complicated installation technology than HPE
  o BOSH can take weeks to learn and be overly cumbersome for admins, HP uses python fabric scripts which are hidden behind a simple wizard
• Licenses are very expensive, compare with HPE Helion TCO
  o Pivotal counts number of app instances/containers per deployment, starting price is $250k*
IBM Bluemix
• Despite many services being available, most have “beta, do not use for production” label
  o For enterprises, this means they’ll need to roll their own backing services if using Bluemix
• No real on-premises offering – Bluemix Local still a paper product
  o Outside of VMDK images that run on VMware, pro-serv required
• Bluemix Local does not include majority of services available w/ Bluemix public cloud offering
  o Enterprises needing apps to run on-premises will need to roll their own
RedHat OpenShift
• Lacks community momentum as an open source project, driven by RedHat only
• Leave lifecycle management of backing services like DBaaS and MSGaaS to cloud operators, increasing TCO
[Appendix #1] Next Generation IT Infrastructure
<Source> http://tentenet.net/2013/05/29/the-5th-tenet-of-open-hybrid-cloud-start-with-an-iaas-private-cloud/
[Figure labels: Management, PaaS, Business / Consumer, IaaS, Cloud Brokering, Physical Resources, Virtual Resources, Public Cloud Resources]
[Appendix #2] Cloud Foundry Foundation
Mission:
• To establish and sustain Cloud Foundry as the global industry standard open source PaaS technology with a thriving ecosystem.
• To deliver continuous quality, value and innovation to users, operators and providers of Cloud Foundry technology.
• To provide a vibrant agile experience for the community's contributors that delivers the highest quality cloud-native applications and software, at high velocity with global scale.
Its guiding principles are:
• Governance By Contribution - Influence within the Foundation is based on contributions.
• IP Hygiene - IP cleanliness must be preserved at all times.
• Equal Opportunity To Participate - Everyone has an equal opportunity to participate in projects.
• No Surprises - Planning processes and project status are open to all.
[Appendix #3] Cloud Foundry Architecture 4.0 – Diego Architecture
an open source, multi cloud application platform as a service (PaaS) governed by the Cloud Foundry Foundation
Consists of the following functional areas
• Routing
• Authentication
• Application Lifecycle
• Application Storage & Execution
• Services
• Messaging
• Metrics & Logging

Component: Router
How It Works
• Distributes all external system traffic (HTTP/API) and the application traffic coming in from the internet/intranet to the Cloud Controller or to the applications running on Diego Cells
• Periodically queries the BBS to find the cells and containers in which applications are running, and updates the routing table with the IP address of each cell's VM and the host-side port number of the cell container
Responsible for
• Load balancing
• Maintaining an active routing table
• Access logs
• Supports web-sockets

Component: Cloud Controller
How It Works
• The Cloud Controller maintains command and control systems, including interface with clients (CLI, Web UI, Spring STS), account and provisioning control.
• It also provides RESTful interface to domain objects (apps, services, organizations, spaces, service instances, user roles, and more).
Responsible for
• Expected App state, state transitions, and desired convergence
• Permissions/Auth Orgs/Spaces/Users
• Services management
• App placement & deployment
• Auditing/Journaling and billing events
• Records of orgs, spaces, user roles, services, etc.

Component: Diego Brain
How It Works
• Coordinates the individual Diego Cells to run applications
• To push an application to CF, the CC is targeted first, and the CC directs the Diego Brain to run the application through the CC-Bridge
Responsible for
• Running applications

Component: Garden
How It Works
• Low-level manager and API protocol on each VM for creating, configuring, destroying, monitoring, and addressing application containers
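
Component: UAA & Login Servers
How It Works
• Identity management: identity, security and authorization services
• party OAuth management
• Components: UAA Server, Command Line Interface, Library.
Responsible for
• Token Server
• ID Server (User management)
• OAuth Scopes (Groups) and SCIM
• Login Server UAA Database
  Supports SAML and Active Directory using the VMware SSO Appliance
• Access auditing

Component: nsync, BBS, Cell Rep
How It Works
• Work together, linked to one another, to keep applications running
• One end is the user and the other end is the application instances running on distributed VMs
Responsible for
• nsync: when an application is scaled, receives the message from the CC and records the instance count in the Diego BBS db
• BBS: uses a convergence process to monitor, and to start or stop, application instances
• Cell Rep: monitors containers

Component: Blobstore
How It Works
• Store for large binary files
• Can be set up on an internal server or on external storage such as S3
Responsible for
Files stored
• Application code packages
• Buildpacks
• Droplets

Component: Diego Cell
How It Works
• Passes app state and other data to the BBS and Loggregator
• Before the Diego CF architecture, the DEA node managed the applications and containers on the VM
Responsible for
• Starting and stopping applications
• Managing the containers on the VM

Component: Loggregator (Log aggregator)
How It Works
• streams application logs to developers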

Component: Service Broker
How It Works
• Service Brokers provide an interface for native and external 3rd party services.
• Service processes run on Service Nodes or with external as-a-service providers (e.g., email, database, messaging, etc.).
• Provides a service instance when a service is provided to an application or bound to an application
Responsible for
• Advertising service catalog.
• Makes create/delete/bind/unbind calls to service nodes.
• Requests inventory of existing instances and bindings from cloud controller for caching, orphan management.
• SaaS marketplace gateway.
• Implemented as HTTP endpoint, written in any language.

Component: Consul and BBS
How It Works
VMs communicate with each other over HTTP or HTTPS, share temporary messages, and store data in the two places below
• Consul server: stores long-lived control data (component IP addresses, distributed locks, etc.)
• BBS: stores frequently changing or use-once data (e.g., cell and application state, unallocated work, confirmation messages, etc.), or stores data held in MySQL
The route-emitter uses the NATS protocol to pass the latest routing table to the router (※ in the CF architecture before Diego, the NATS Message Bus carried all internal communication)
Responsible for
• Non-Persistent messaging
• Pub/Sub
• Queues (app events)
• Directed messages (INBOX)
• Data storage

Component: Metrics Collector
How It Works
• Gathers metrics and statistics from each component
Responsible for
• Monitoring the CF deployment
[Appendix #4] DEA / Diego Differences Summary

DEA architecture: Ruby
Diego architecture: Go
Function: Source code language

DEA architecture: DEA
Diego architecture: Diego Brain
Function: High-level coordinator that allocates processes to containers in application VMs and keeps them running
Δ notes: DEA is part of the Cloud Controller. Diego is outside the Cloud Controller.

DEA architecture: DEA Node
Diego architecture: Diego Cell
Function: Mid-level manager on each VM that runs apps as directed and communicates “heartbeat”, application status and container location, and other messages
Δ notes: Runs on each VM that hosts apps, as opposed to special-purpose component VMs.

DEA architecture: Warden
Diego architecture: Garden
Function: Low-level manager and API protocol on each VM for creating, configuring, destroying, monitoring, and addressing application containers
Δ notes: Warden is Linux-only. Garden uses platform-specific Garden-backends to run on multiple OS.

DEA architecture: DEA Placement Algorithm
Diego architecture: Diego Auction
Function: Algorithm that allocates processes to VMs
Δ notes: Diego Auction distinguishes between Task and Long-Running Process (LRP) job types

DEA architecture: Health Manager (HM9000)
Diego architecture: nSync, BBS, and Cell Reps
Function: System that monitors application instances and keeps instance counts in sync with the number that should be running
Δ notes: nSync syncs between Cloud Controller and Diego, BBS syncs within Diego, and Cell Reps sync between cells and the Diego BBS.

DEA architecture: NATS Message Bus
Diego architecture: Bulletin Board System (BBS) and Consul via http/s, and NATS
Function: Communication between internal components
Δ notes: BBS stores most runtime data; Consul stores control data.
[Appendix #5] Customer Use Cases
Developer use cases
• on demand access to resources they need to develop application using programming languages they are familiar with
• use an integrated CI/CD system (Helion Code Engine) to ensure application quality and rapid deployment
• deploy cloud native applications natively or via Docker containers (source code, binary or container)
• create and manage cloud native applications via a single integrated experience
• extend cloud native apps with integrated platform services, HPE SW services, and third party services or existing enterprise services
• use tools, extensions and CLIs to enhance the development experience
IT Operations use cases
• the HPE Helion Stackato solution is a cloud app platform that helps IT operations meet the requirements of resiliency and SLAs; the platform can run in private cloud environments, which helps IT meet regulatory requirements that would otherwise stop developers from deploying to infrastructures such as AWS
• manage HPE Helion Stackato service lifecycles (e.g. user management, monitoring, update, etc.)
• seamlessly update and manage HPE Helion Stackato
• The Universal Service Broker makes it simpler to connect and manage applications deployed across many infrastructures
HPE Private & Confidential
• Deploy new cloud-native apps on HPE Helion Stackato & get the benefits of elasticity, resource utilization, developer & deployment experience. Use HPE Helion Stackato to address apps that are customer facing, with reqs in flux, utilization patterns are variable, need to span multiple platforms & form factors - such as marketing websites, mobile apps, web apps, etc.
• Deploy on any cloud – customers searching for business agility & the flexibility to deploy on any infrastructure with a consistent experience for developers can purchase HPE Helion Stackato, and deploy your applications on any infrastructure as a service (AWS, Azure, VMware, etc.). This enables IT to be flexible around business/cost needs, while still maintaining visibility & compliance.
• Deploy applications that connect to traditional/legacy systems – we help enterprises merge the old and new by enabling connections to traditional databases or services, in addition to access to the latest technologies for developing applications.