Understanding Platform as a Service Paul Fremantle JAXConf 2011 SanJose
Paul Fremantle Working in Apache since 2002 Apache Member CTO and Co-Founder of WSO2 VP, Apache Synapse I play the Tin Whistle  @tedleung
Moore's Law for Data The amount of data online went from 5 exabytes in 2002 to 281 exabytes in 2009 Doubled every 15 months You cannot deal with this data growth with the same applications A reasonable conclusion is that the number of applications will double every 15 months too
Key Enablers for effective development Robust and scalable applications Components at multiple levels (e.g. OSGi and SOA) Standards  Internal Standards (e.g. Schema patterns, Security policies)  External Standards (SOAP, REST/HTTP, AMQP) Tooling to create cloud-deployable artifacts Low cost of provisioning a platform The right platform services Automated Governance Re-use Consistency lifecycle management Monitoring and SLA management
Enterprise IT in 2010 © WSO2 2010
Enterprise IT in 2015+ © WSO2 2010
Cloud Native Attributes http://bit.ly/CloudNative Core Attributes Self-service Multi-tenant Distributed / Scalable Elastically / Dynamically Scaled Metered Extended attributes Incrementally Deployable and testable Billed Dynamically wired
http://www.flickr.com/photos/ladymaggic/
http://www.flickr.com/photos/jurvetson/
Shared what? Shared Nothing  Shared Hardware Shared Database  Shared OS Shared Container Shared Everything
What kind of PaaS is it? Google App Engine, Heroku “Web App” PaaS “Integration PaaS” “BPM PaaS” Messaging PaaS etc etc
Cloud Middleware Platform and PaaS A PaaS requires an underlying software base Cloud Middleware Platform (CMP), or Cloud Enabled Application Platform (CEAP – Gartner) “Private PaaS” / On Premise PaaS Not all PaaS have redistributable CMPs The benefit of having a CMP is choice: Run your own PaaS in a private cloud More than one PaaS provider Open PaaS / Open CMP fights lock-in
Cloud Economies Public Cloud economy is based on the Central Limit Theorem For private clouds, the CLT sucks Multi-tenancy is the economy of scale for private clouds
What to look for in a PaaS/CMP
Lean: All the same benefits are magnified in a cloud. Efficiency that is valuable in fixed deployments is invaluable in large dynamic deployments!
Available on private, public, on-premise: Getting locked into a specific public PaaS will have long term repercussions. Open Source is a huge protection against this.
The correct set of core “services”: Not just App Server, but Identity, Registry, Data, Cache, ESB, BPMS, Billing, Logging, etc. Open Standard interfaces to common services.
Enables modular usage: Self-service, multi-tenancy, elasticity, metering, incremental deployment and testing.
Offers a basis for both single-tenant and multi-tenant models: Lots of tenants each with their own stuff, and/or one application that is offered to all or many tenants.
Who are the players in the PaaS market? Those without a Private PaaS Force.com Heroku Google App Engine Amazon Elastic Beanstalk Those with a Private / Public PaaS Tibco Microsoft (nearly) Those with an Open Private / Public PaaS SpringSource CloudFoundry WSO2 Stratos
Stratos Overview A full middleware platform available as a service, with self service Fast provisioning Based on OSGi Modular, componentized, standard  Multi-tenant, Elastic, Metered and Billed Effective and powerful Available under the Apache License Open Source, Open License, Open Development
Stratos resources Stratos SVN http://svn.wso2.org/repos/wso2/trunk/stratos/ Stratos-dev list https://mail.wso2.org/cgi-bin/mailman/listinfo/stratos-dev Stratos 1.5.1 builds (currently) freo.me/stratos151pack http://builder.wso2.org/~carbon/releases/stratos/
Installation options 1. Full installation Pre-reqs IaaS – Eucalyptus, vmWare, Ubuntu or Amazon MySQL & Perl & JVM Ability to run a number of VMs (one per service) 2. Laptop/Simple install Pre-reqs A machine with lots of memory (4Gb min, 8GB preferred)  JVM MySQL & Perl
Installation of Stratos 1.5.1 pack
Config mysql: max_allowed_packet = 16M
ulimit -n 65000
Unzip the distro
cd stratos
./stratos-setup.pl
export STRATOS_DIR=`pwd`/deploy
cd deploy
./stratos.sh start all
StratosLive http://cloud.wso2.com
Complete PaaS Gartner is forecasting that it will be 2015 before vendors have true, integrated, complete PaaS frameworks We believe Stratos is that today
Available Services (low level) Multi-tenancy Deployment synchronizer Elastic Load Balancer  tenant-aware Tenant-aware identity manager SAML2, OpenId, Oauth, XACML Tenant Metering and Billing Discovery Logging Configuration & Repository Data-as-a-Service Queueing-as-a-Service Health Monitor Private / Public Cloud bridging
Every Service has a network API All admin functions and all the low level services are available as SOAP APIs Full SOAP support, REST in some cases Always possible to bridge into REST using the ESB Why? Clear SOA design Allow mashups, BPEL and ESB integration Automated provisioning Support hybrid multi-tenancy models for legacy software
Available Services (mid-level) Application Server Webapp deployment  Multi-tenant deployment of Tomcat 7 Service Deployment  Axis2, JAXWS, POJO, Spring Transaction Manager SaaS deployment model Portal Server Based on the OpenSocial/Google Gadget spec Gadget repository and strong personalization features SAML2 and OpenId Single Sign-on Data Services Enterprise Service Bus Full multi-tenant deployment of Apache Synapse Governance Registry Governance-as-a-Service model
Available Services (high-level) Business Process Manager Full BPEL runtime in the cloud Human Task support Business Rules Server Complex Event Processing Business Activity Monitoring
Services available in 1.0
Stratos and StratosLive Timeline Stratos is the code StratosLive is the public cloud service Stratos hosted and managed by WSO2 at  http://cloud.wso2.com   April 2010 Stratos alpha release StratosLive alpha November 2010 Stratos 1.0 Gold StratosLive 1.0 beta July 2011 Stratos 1.5 StratosLive  GA © WSO2 2011
What is Multi-tenancy? Many parties share the same set of resources, while each is given its own space
Building SaaS webapps Allows a tenant to deploy an app in “multi-tenant” mode All tenants' logins are accepted The tenant ID is available to the code The “owning” tenant must manage the data © WSO2 2011
Google Apps Integration Two way integration A Google Apps domain can use the WSO2 StratosLive Identity Server as the identity store Uses SAML2 single sign on A StratosLive domain can choose to use Google Apps as the identity store Uses OpenId and OAuth Allows integration of Stratos into Google Apps marketplace StratosLive domain is the same as the Google App domain All Google App users are automatically defined as StratosLive users © WSO2 2011
Login with Google Apps Domain
Multi-tenant datastore In Stratos 1.5 / StratosLive we are offering two different database models SQL/JDBC based on MySQL Running in a multi-tenant model Each tenant has their own protected set of database connections Cassandra / NoSQL Running in a multi-tenant model Adding HDFS support in the future Eventually we aim to support JPA as an API over both Currently only for JDBC © WSO2 2011
 
Adding RDS Instances
Creating Databases
Using Database Explorer
Apache Cassandra as a Service & Carbonized Cassandra Users can log in to the Web Console (both in Stratos and in WSO2 Data Server) and create Cassandra key spaces.
Apache Cassandra as a Service & Carbonized Cassandra (Contd.) Key spaces will be allocated from a Cassandra cluster; they are isolated from other tenants in Stratos and integrated with the WSO2 security model. Users can manage and share their key spaces through the Stratos Web Console and use those key spaces through the Hector client (Java client for Cassandra). In essence we provide: Cassandra as a part of Stratos as a Service; multi-tenancy support; security integration with the WSO2 security model.
Elastic Load Balancer A lightweight deployment of Apache Synapse running in message relay mode Currently overhead of around 2ms  New Relay Transport is expected to reduce this by 30-50% Load balancing based on load averages in VMs Tenant-awareness Makes it possible to partition clusters by tenant Underlying IaaS support for Eucalyptus, Ubuntu, Amazon Coming soon: vmWare and OpenStack © WSO2 2011
Distributed Logging The logs of every service and custom application are captured by the log4j/commons-logging settings Logs are partitioned by tenant Logs are sent to the manager service via syslog Logs are then viewable / downloadable by tenant admins
MT-Logging Deployment Architecture
Log Viewer – Stratos Manager {Super-Tenant}
Log Viewer – Stratos Data Services Server {Tenant User}
Every tenant has access to an Identity Service
Identity Server / Service Each tenant is identified by the @tenant-domain Each tenant admin can choose to manage their tenant's user store either within the Stratos-internal LDAP store or using an external LDAP Bulk import Each tenant user has an OpenId/Infocard as well as SAML2 tokens Single sign-on; single sign-off is also supported SAML2 is used across the Stratos deployment to ensure a smooth transition between components SAML2 is also available as sign-on for webapps, gadgets and other user-deployed content
web.xml – Integrating Identity into WebApps
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Basic Auth</realm-name>
</login-config>
Automatically ties into Stratos Identity
Identity Service continued As well as a full distributed authentication server, Stratos Identity Server also supports distributed Authorization OAuth XACML
Security Management
Tenants are isolated at the core:
Identity server provides the security model
Registry/Repository implements an isolated data-store for configuration and meta-data
Services are isolated at the Axis2 level
For services we also restrict classloading using Java Security
Webapps are isolated using standard Tomcat techniques
Each tenant can only load code from their tenant's deployed WARs
We apply security policies to stop webapps opening ports, modifying local files, calling OSGi Services
These security policies can be changed based on need
Sharing is possible across tenants using standard models – e.g. federated security and web/network access
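The default-deny evaluation behind the policies listed above, as an added example (not Stratos code): it builds a per-tenant permission set with the JDK's own permission classes and checks the operations the slide names against it. The directory layout, tenant domains and database address are constructed; the OSGi service check is left out because it needs the OSGi framework classes.

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.Permission;
import java.security.Permissions;
import java.util.LinkedHashMap;
import java.util.Map;

public class TenantSandboxCheck {

    // Hypothetical layout: each tenant's unpacked WARs live under their own directory.
    static final String TENANTS_ROOT = "/opt/paas/tenants";
    // Constructed address of the only back end this tenant may reach.
    static final String TENANT_DB = "10.0.0.5:3306";

    /** Everything not added here is denied, as under a Java security policy. */
    static Permissions permissionsFor(String tenantDomain) {
        Permissions granted = new Permissions();
        // Read-only access to the tenant's own deployment ("-" = recursive).
        granted.add(new FilePermission(TENANTS_ROOT + "/" + tenantDomain + "/-", "read"));
        // Outbound connection to the tenant's database, nothing else.
        granted.add(new SocketPermission(TENANT_DB, "connect"));
        granted.setReadOnly();
        return granted;
    }

    /** Operations a deployed webapp might attempt, keyed by description. */
    static Map<String, Permission> attemptsBy(String tenantDomain) {
        String own = TENANTS_ROOT + "/" + tenantDomain;
        Map<String, Permission> attempts = new LinkedHashMap<>();
        attempts.put("read a file in its own WAR",
                new FilePermission(own + "/WEB-INF/web.xml", "read"));
        attempts.put("modify a file in its own WAR",
                new FilePermission(own + "/WEB-INF/web.xml", "write"));
        attempts.put("read another tenant's WAR",
                new FilePermission(TENANTS_ROOT + "/other.example/WEB-INF/web.xml", "read"));
        attempts.put("open a listening port",
                new SocketPermission("localhost:8081", "listen"));
        attempts.put("connect to its database",
                new SocketPermission(TENANT_DB, "connect"));
        attempts.put("connect to another internal host",
                new SocketPermission("10.0.0.6:3306", "connect"));
        attempts.put("create its own class loader",
                new RuntimePermission("createClassLoader"));
        return attempts;
    }

    static boolean allowed(Permissions granted, Permission requested) {
        return granted.implies(requested);
    }

    public static void main(String[] args) {
        String tenant = "acme.example"; // constructed tenant domain
        Permissions granted = permissionsFor(tenant);
        for (Map.Entry<String, Permission> e : attemptsBy(tenant).entrySet()) {
            String verdict = allowed(granted, e.getValue()) ? "ALLOW" : "DENY ";
            System.out.println(verdict + " " + e.getKey());
        }
    }
}
```

The Security Manager that enforced such grants at run time was deprecated in Java 17 (JEP 411), so on current JVMs the same boundaries have to come from process, container or network isolation.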
Performance Overhead of Multi-tenancy
Billing and Metering A generic multi-tenanted metering and billing module Written as OSGi Uses Drools to implement service levels E.g. 10 users, 100Mb transfer/month, 15 deployed services for free level of subscription Can be used to meter real business events How many sales transactions / month
Usage Data Metering/Throttling
Usage Metering
  Currently available: 1. Registry Resource Volume 2. Number of users
  Planned for next release: 1. Appserver Service Bandwidths/Request Response count 2. ESB Mediation Data (Bandwidths Data)
Throttling
  Currently available: 1. Number of users 2. Registry Resource Volume
  Planned for next release: 1. Number of Request and Response counts 2. Service incoming and outgoing bandwidths
Stratos Billing Scheduled invoice generation Notifies the customers via email after invoices are generated Ability to view past invoices and the current (interim) invoice Securely pay the invoice via Paypal Notifies the customer via email on received payments Notifies the super-admin on customers exceeding the credit limit Presents a summary view to the super-admin
 
Case Studies (in progress) System Integrator Currently running Stratos for internal projects Examining the use of Stratos for customer projects and SaaS Home Loan Bank WSO2 runs a private deployment of Stratos Developer sandbox and test environment Currently apps are then deployed internally in Carbon Betting/Gaming PaaS Provide an environment (Mashups, WebApps, Gadgets) for sports teams to write their own betting applications In the context of betting legislation/regulation Mobile PaaS Building a PaaS environment for a mobile telco SaaS-enablement of legacy applications
Futures SLA management and Priority Execution Better thread/CPU management and instrumentation HDFS support VM deployment End-to-end development lifecycle integration (Maven, SVN, Hudson/Jenkins, Junit)
Summary
Questions? http://www.flickr.com/photos/oberazzi/


Editor's Notes

  1. Data center provisioned for peak capacity Utilization is 5-10% or up to 50% with virt Tight coupling between applications and hardware allocation Bought app silos (e.g. SAP) Provisioned for peak capacity Build apps using enterprise middleware Provisioned for peak capacity Hardware & app provisioning takes months
  2. Has a private IaaS Overflows to one or more public IaaS Uses a bunch of public SaaS Has a bunch of private SaaS, both build & buy Internally built SaaS is HUGE Because that is the competitive differentiator for every business Private SaaS running on PaaS using private hybrid IaaS PaaS also could be private or public Has unified identity, security, audit, etc. across all of these Has federated identity management across public / private infra (SaaS/IaaS)