以容器技術為基礎的混合雲設計架構

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container Based Hybrid Cloud
Architecture
Kim Kao 高翊凱
Solutions Architect
Amazon Web Services
Domain Driven Design(DDD Taiwan)

Agenda
Hybrid cloud embrace opportunities
Prioritize workloads migrate to Cloud
Decoupling legacy with domain experts
Modern application development

The new normal: companies are increasingly global
and products are increasingly digital
47%
of CEOs said they are
being challenged by
the board of directors
to make progress in
digital business
Source: Gartner
79%
of CIOs believe that
digital business is
making their IT
organizations better
prepared to change
67%
of all business leaders
believe that they must
pick up the pace of
digitalization to
remain competitive

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Why are enterprises
adopting containers?
• Accelerate software development
• Build modern applications
• Automate operations at web scale
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential

Factors to Success
Culture Skill Organization Finance
Leadership
Systems and
Feedback
Methodology
and Technology
Move from
Projects
to Product
Teams
Capex
Versus
Opex

To maintain competitive advantage, digital businesses
must innovate as rapidly as possible
FeedbackIdeas
Experiment
Innovation
Flywheel

Hybrid cloud strategy
of large
enterprises run
VMs in the
public cloud
(IDC)
60%
of organizations
have a hybrid
cloud strategy
today (IDC*)
65%
of workloads
are virtualized
today
(IDC )
83%

Many worry there are only two choices
Build a
“private”
cloud
Rip everything out
and move to
AWS
#1 #2

The good news is – it isn’t an “all or nothing” choice
On-premises
resources
Cloud
resources
Integration

What do customers want in hybrid?
Run workloads
on-premises
Run workloads
on the cloud
Tight
integration
Without buying
new hardware
$

Manager -
“We are going to run workload(s) on AWS.
We have new sub-systems/module to develop with legacy services.
Container is good. It’s great to have whole cloud native advantage
if you guys migrate all service into microservice, serverless...”
Developer(s) - “Not a problem. I’ll make it …”
A typical day for customer ...

Jump into real world...
https://vaughnvernon.co/tag/event-storming/
(Earn money as usual) (will it run as usual?)

(priority, market expectation)
Domain
Expert
Matters

Strategies for Dealing with Legacy Systems
• Bubble Context
• Place your new functionality in a bubble and have repositories as an anti-corruption
layer(ACL) toward the legacy code and data.
• Autonomous Bubble
• Start a new chapter OUTSIDE the legacy code with its own storage. Thus we need to
synchronize ACL and similar information that you shares with the legacy system
• Open Host Services in Published Language
• Expose legacy assets through an open host service. Using an anti-corruption layer to convert
the necessary information to the new system
• Event Streams
• The systems communicate trough events. The anti-corruption layer now publishes the event
and monitor the state of the other system. The solution is similar to event sourcing.
(priority, customer expectation)

ISV/Package
Support sub Domain
Out Sourcing
General Sub Domain
Pay the most efforts on critical business component
Talents developing code
Core Sub Domain
(self employee, out sourcing, ISV)

• Incrementally breakout dependencies
• Cut-off Database Link
• Do not allow cross schema access permissions
• Define API contract only for data exchange
• Considering to move out store procedure into application code
• Leave the legacy system as a data container
(CRM, ERP, Payment Gateway ...)

(dealing with transaction, service lookup)
Monolith
Does everything
Per Service
Do only one thing
Business matters
Immutable facts
- Order Created
- Coupon applied
- Account Registered
Intention
Business behavior
- Create an Order
- Apply Coupon
- Register an Account
Responsible for
Capabilities
- Order
- Discount
- Identity Management
Accept
&
process
Presentation Model
Help to make decision
Composite data type

Monolith
Does everything
Per Service
Do only one thing

• Microservices candidate – Bounded Context
• Per Bounded Context form up system Boundary
• One Bounded Context may
• Contains multiple co-related Aggregates
• Or only one Aggregate with Specific business capability

(by noun, organization, experience?)
(CRM, ERP, Payment Gateway ...)

• By business Capability
• Form up boundary by Bounded Context

A Team

• Resources allocation by value chain
• Talents devote to build up core sub domain
• Responsible for general sub domain
• Out sourcing or ISV for support domain

Capabilities of a modern application
Secure Resilient Elastic
Modular Automated Interoperable

Public cloudOn-premises
environment
Containers and Kubernetes bring them closer…
Scalability
Speed
Portability

How are customers using Amazon EKS?
Microservices
PaaS
Enterprise app migrations
Machine learning

Amazon EKS Architecture
mycluster.eks.amazonaws.com
EKS workers
Kubectl
AZ 1 AZ 2 AZ 3
Your AWS account
VPC

Kubernetes control plane
Highly available and single
tenant infrastructure
All “native AWS” components
Fronted by an NLB
VPC
API Server ASG
Etcd ASG
NLB
AZ-1 AZ-2 AZ-3
ELB
Instances
Instances

Hybrid Cloud on AWS
AWS Cloud Corporate data center
AWS VPN
AWS Direct Connect
Customer
gatewayAWS Transit Gateway
VPC
Subnet Subnet
Company.aws
Company.local
DC1 DC2 DC3
Trust
Identity integrations
AWS Management
Console
Amazon EC2
AWS Directory Service AWS Directory Service
AWS Single Sign-On Amazon RDS
EKS
Kubernetes

Cross-account ENI
EKS VPCCustomer VPC
Worker Nodes
EKS ENI
Kubernetes
API calls
Exec, Logs,
Proxy
Internet

Amazon VPC CNI plugin
ENI
Secondary IPs:
10.0.0.1
10.0.0.2
10.0.0.1
10.0.0.2
ENI
10.0.0.20
10.0.0.22
Secondary IPs:
10.0.0.20
10.0.0.22
ec2.associateaddress()
VPC Subnet – 10.0.0.0/24
Instance 1 Instance 2
VPC

EKS Supports Advanced Networking Architectures
VPC - Multiple IP ranges
Subnet 1 – 10.0.0.0/16 Subnet 2 – 100.64.0.0/10
Customer
gateway
Corporate
data center
On-Premise – 10.1.0.0/16
VPN or DX Pod
Outbound
Traffic SNAT
EKS Worker Node
Primary ENI Pod
Secondary
ENI
Pod –
100.64.0.200

Migrating data: Five key questions
1) What kind of data is it, and where is it going?
4) How much data and time do you have?
2) One time or continuous movement?
3) One way or bi-directional?
5) WAN links & bandwidth constraints?
Amazon
S3
Amazon
EC2
Amazon
EFS
Amazon
EBS
Amazon
Aurora
Amazon
EMR
Amazon
Glacier
Amazon
RDS
AWS
IoT
Amazon
Redshift
Files Block
volumes
Databases IoT Streams
Amazon
FSx
Amazon
DynamoDB
AWS
Machine Learning

Take Away
Know Why/What/How
• Take benefits from on-premise by hybrid cloud
• EKS supports hybrid computing environment
• Keep small step to migrate workload
• To collaborate Business and Technology guys by
speaking Ubiquitous Language
• Crunch Problem, then design solution

Implementing DDD on AWS
Community : DDD Taiwan@FB
Telegram : YikaiKao
WeChat : YikaiKao
Twitter : @YikaiKao
GitHub Repos

Thank you!

以容器技術為基礎的混合雲設計架構

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie 以容器技術為基礎的混合雲設計架構

Ähnlich wie 以容器技術為基礎的混合雲設計架構 (20)

Mehr von Amazon Web Services

Mehr von Amazon Web Services (20)

以容器技術為基礎的混合雲設計架構