Tech Talk - Cloud Transformation in 2017
© 2017 Emerging Technology Advisors LLC
Who Are We?
Alex Rhea
Director Architecture & DevOps @ ETA
- Supported Homeland Security and Civilian sectors with
application development, cloud migrations, and DevOps
- Designed and implemented CaaS platforms for
companies of all sizes in the cloud and on-premises
- Proud Hokie, Golf, and Caps fan
/alexandermrhea arhea_arhea
Linda Nichols
Lead Engineer @ ETA
- Software Developer and Team Lead for many large-scale
government and commercial applications
- Founder and organizer of Norfolk.js, NodeBots Norfolk,
and RevolutionConf
- Open-source and developer community advocate
/lynnaloo lynnaloolynnaloo
What We Do?
We are technologists, strategists, and creatives with a passion for problem-solving.
- Architecture: Design, review, and strategy for your IT footprint.
- Design: Product design and vision, driven by user experience principles.
- Development: World class, full-stack development and training.
- Infrastructure: Infrastructure automation, container fabrics, and ops support.
- Data: Data modeling, storage, and streaming to support change.
Who We Work With
Cloud Service Providers
- One of the most mature cloud providers, with a wide breadth of hosted solutions. Focused on application services and enterprise.
- Focused on moving current Microsoft customers to the cloud. New push into Linux and other non-Microsoft solutions.
- Strong focus on enterprise customers, but has seen the largest uptick in their PaaS offerings. Has the breadth of Azure and AWS but hasn’t seen as much attention as Amazon, Azure, or Google Cloud.
- Starting with App Engine, Google is focused on hosted services but lacks the breadth of services that AWS and Azure support. Strong push into Artificial Intelligence and Machine Learning.
Account and Billing Management
Setting up the proper AWS account and tagging structure is vital to managing AWS billing at scale
while maintaining agility.
[Diagram labels: Master Billing Account; Application Account; Developer Account]
Tagging Resources
- eta:billing:costcenter = 123456789
- eta:billing:product = Todo App
- eta:billing:service = Billing
AWS Design
[Diagram labels: Application A; Application B; Shared Services; corporate data center]
Shared Services
- Active Directory
- CI/CD Tooling
- Security Tools
- Bastion Hosts / Jump Boxes
- etc.

- Restrict traffic at the network and instance
levels with Network ACLs and Security Groups
- Three-tiered network design with public, private, and data subnets
- Use NAT gateways to route traffic to the
internet
- Avoid traffic directly to instances, use
ELBs/ALBs to proxy traffic to services
- Integrate applications with CloudHSM and
enable encryption on all services that allow it
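
One way to check the network rules above against a security group inventory, as an added example that is not part of the original slides. The input mirrors the shape of EC2 DescribeSecurityGroups output; the group IDs, ports, the "tier" tag and the tier-to-tier policy are assumptions made for the illustration.

```python
# Added example. Input mimics the shape of EC2 DescribeSecurityGroups output;
# group IDs, ports and the "tier" tag are constructed for illustration.
ANY = {"0.0.0.0/0", "::/0"}
# Assumed policy: each inner tier accepts traffic only from the tier in front.
ALLOWED_SOURCE_TIER = {"private": "public", "data": "private"}

def perm(port, cidrs=(), groups=()):
    """Build one constructed IpPermissions entry."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs], "Ipv6Ranges": [],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

def group(gid, tier, perms):
    """Build one constructed security group carrying a tier tag."""
    return {"GroupId": gid, "Tags": [{"Key": "tier", "Value": tier}],
            "IpPermissions": perms}

SAMPLE_GROUPS = [
    group("sg-lb", "public", [perm(443, cidrs=["0.0.0.0/0"])]),   # load balancer
    group("sg-app", "private", [perm(8080, groups=["sg-lb"]),
                                perm(22, cidrs=["0.0.0.0/0"])]),  # SSH open to all
    group("sg-db", "data", [perm(5432, groups=["sg-app"]),
                            perm(5432, groups=["sg-lb"])]),       # skips app tier
]

def tier_of(g):
    return {t["Key"]: t["Value"] for t in g.get("Tags", [])}.get("tier")

def audit(groups):
    """Return (group_id, port, reason) for each rule that breaks the design."""
    tiers = {g["GroupId"]: tier_of(g) for g in groups}
    findings = []
    for g in groups:
        gid, tier = g["GroupId"], tiers[g["GroupId"]]
        for p in g.get("IpPermissions", []):
            port = p.get("FromPort")
            cidrs = [r["CidrIp"] for r in p.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                # Only the load balancer tier may face the internet.
                if cidr in ANY and tier != "public":
                    findings.append((gid, port, f"{tier} tier open to {cidr}"))
            for pair in p.get("UserIdGroupPairs", []):
                src = tiers.get(pair["GroupId"], "unknown")
                want = ALLOWED_SOURCE_TIER.get(tier)
                if want and src != want:
                    findings.append((gid, port, f"{tier} tier reachable from {src} tier"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GROUPS):
        print(finding)
```

A group with no tier tag is treated as non-public, so an internet-facing rule on an untagged group is reported rather than skipped.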
Automated and Version Controlled Infrastructure
[Diagram labels: On-Premises; Amazon Web Services; Bare Metal; VMware; VMware; Direct connection with the cloud provider.]
Automated infrastructure tools like Terraform, Ansible, Chef, and Puppet not only increase the
predictability of deployments but also aid in security and compliance efforts.
[Diagram labels: EC2 Instances; Elastic Load Balancers; Virtual Private Networks]
Automate Machine Image Builds
Manually managing machine images and servers can lead to inconsistencies across environments.
Automatically managing AMIs facilitates security patching, standard configurations, and integration
with the CI/CD pipeline.
1. Configuration scripts are checked into source control.
2. CI/CD builds the new machine image and pushes it to the provider.
3. The new image is tested using an automated test harness.
4. Once the image has passed testing it is security scanned.
5. Automatically roll out the new images.
Containers
CaaS is the new PaaS
What are Containers?
- 90% lighter than a virtual machine because it does not contain an OS.
- A solution to running the same software in any environment and to the “works on my machine” problem.
- A container is an isolated runtime environment for an application. Several containers can run on one server and share the host operating system kernel.
Containerization and CaaS Create Operational Efficiencies within the Enterprise
[Diagram labels: Docker Platform; On-Premises Hardware; Public Cloud Provider; Application Development Teams; Infrastructure Teams; Application (x4); Security Team]
Infrastructure teams manage a single OS across multiple providers using
automated tools. Security teams have visibility into the infrastructure,
containers, and their configuration.
Development teams focus on working, self-contained applications for
deployment to the fabric.
Accelerated Delivery, Testing, and Security Using Docker Data Center Pipelines
1. Developer commits code to repository.
2. Container is built on a central CI server.
3. Container is tested on a central CI server.
4. Container is scanned using DTR and open source tools.
5. Container is rolled out automatically to the CaaS.
[Gate labels between stages: Ok / Signed; Ok / Signed; Ok / Signed; Deploy]
Containers are continually scanned at build and run time to alert teams when a new vulnerability is announced.
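
The "Ok / Signed" gates in this pipeline (and in the machine image pipeline earlier in the deck) can be enforced at deploy time by refusing any image that lacks a valid signature from every stage. The following is an added example, not code from the original slides or from Docker: the stage names and keys are constructed, and HMAC-SHA256 stands in for the registry's image signing.

```python
import hashlib
import hmac

# Gates that must each record "Ok / Signed" before deploy (stage names assumed).
REQUIRED_STAGES = ("build", "test", "scan")
# Constructed demo keys. HMAC stands in for real image signing in this example.
STAGE_KEYS = {s: f"demo-key-{s}".encode() for s in REQUIRED_STAGES}

def image_digest(image_bytes):
    """Content address of the image; every signature is bound to it."""
    return "sha256:" + hashlib.sha256(image_bytes).hexdigest()

def sign_stage(stage, digest, key):
    """Run by a stage after it passes: signs the stage name plus the digest."""
    return hmac.new(key, f"{stage}|{digest}".encode(), hashlib.sha256).hexdigest()

def deploy_gate(digest, attestations, keys=STAGE_KEYS):
    """Return (allowed, reasons); attestations maps stage name -> signature."""
    reasons = []
    for stage in REQUIRED_STAGES:
        sig = attestations.get(stage)
        if sig is None:
            reasons.append(f"{stage}: no signature")
        elif not hmac.compare_digest(sig, sign_stage(stage, digest, keys[stage])):
            reasons.append(f"{stage}: signature does not match this image")
    return (not reasons, reasons)

def demo():
    """Constructed run: a fully signed image, then three ways to be refused."""
    good = image_digest(b"constructed image layers v1")
    signed = {s: sign_stage(s, good, STAGE_KEYS[s]) for s in REQUIRED_STAGES}
    rebuilt = image_digest(b"constructed image layers v2")  # changed after signing
    no_scan = {s: v for s, v in signed.items() if s != "scan"}
    replayed = dict(signed, scan=signed["test"])  # test signature reused as scan
    return {
        "signed": deploy_gate(good, signed),
        "rebuilt": deploy_gate(rebuilt, signed),
        "no_scan": deploy_gate(good, no_scan),
        "replayed": deploy_gate(good, replayed),
    }

if __name__ == "__main__":
    for name, (allowed, reasons) in demo().items():
        print(name, "DEPLOY" if allowed else "BLOCK", reasons)
```

Binding each signature to both the stage name and the image digest is what stops a signature from one stage, or from an earlier build, being accepted for another.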
Key Considerations When Planning A Hybrid Cloud CaaS
1. Latency between managers across data centers, public cloud providers, or private cloud providers.
2. Highly available and scalable Docker Registry backed by a replicated and distributed storage solution such as Amazon S3, Google Storage, or Azure Storage.
3. Distributed volume driver to provide various levels of storage performance to containers. RexRay is a popular tool from Dell/EMC Code Labs.
4. Centralized logging and monitoring solutions across infrastructure providers. DataDog, NewRelic, AppDynamics, Dynatrace, and many others have Docker integrations.
Serverless
Designing Event-Driven Applications
What is Serverless?
- “Pay as you use” pricing model.
- Low-Ops: Resources and scaling are managed by the cloud provider.
- An event-driven architecture that utilizes a Function-as-a-Service (FaaS) or other backend system that is fully managed by a cloud provider.
Functions as a Service (FaaS)
All of the major cloud providers have their own FaaS offering to facilitate Serverless Architectures
1. AWS LAMBDA: One of the first products and currently the most popular in Serverless Architectures. Lambda Functions can be triggered by more than 20 events throughout the system: HTTP requests, CloudWatch Scheduled Events, Kinesis Streams, IoT Events, S3 triggers, etc.
2. MICROSOFT AZURE FUNCTIONS: The second most popular FaaS after AWS Lambda. Includes most of the same features and event triggers as Lambda, but supports more languages and deployment options out of the box.
3. IBM BLUEMIX OPENWHISK: OpenWhisk is the only open-source FaaS of any of the major cloud platforms. It’s the choice for those who want some abstraction, but also want to manage some aspects of their compute environment. Supports upload of Docker containers.
4. GOOGLE CLOUD FUNCTIONS: GCP is Google Cloud Platform’s FaaS product. It is currently in Beta, but already supports most of the features of other released offerings. Includes triggers initiated from within Firebase.
Benefits of Serverless Architecture
1. Supports a Microservices Architecture since each function is a single-responsibility service
2. Lightweight, containerized runtimes inherit the benefits of a containerized system
3. Event-driven architecture promotes workflows that react to dynamic applications
4. Provisioning, configuration, scaling, and other management services are abstracted from the developers
5. Metered billing means underutilized functions do not cost anything
Designing Event-Driven Applications
Serverless Architecture of a Mobile Application
Designing Serverless Applications
Case Study: Video Transcoding for Netflix